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About This Guide 


This guide describes the functionality and usage of the Novell Open Enterprise Server 11 (OES 11) 


Support Pack 3 (SP3) Migration Tool. This guide covers the following topics: 


* 


* 


* 


* 


* 


Chapter 1, "Overview of the Migration Tools," on page 15 

Chapter 2, "Overview of the Migration GUI," on page 21 

Chapter 3, "What's New or Changed in the Migration Tool," on page 37 
Chapter 4, "Planning for Migration," on page 41 

Chapter 5, "Using the Migration Tool GUI," on page 45 

Chapter 6, "Troubleshooting Issues," on page 49 

Chapter 7, "Preparing for Server Migration," on page 53 

Chapter 8, "Using the Migration GUI Tool," on page 55 

Chapter 9, "Preparing for Transfer ID," on page 61 

Chapter 10, "Using the Migration GUI Tool for Transfer ID," on page 65 
Chapter 11, "Using Migration Commands for Transfer ID," on page 71 
Chapter 12, "Running Transfer ID Remotely," on page 79 

Chapter 13, "Post Transfer ID Migration," on page 81 

Chapter 14, "Troubleshooting Issues," on page 85 

Chapter 15, "Security Considerations for Data Migration," on page 91 
Chapter 16, “Migrating File Systems to OES 11 SP3,” on page 97 
Chapter 17, “Migrating eDirectory to OES 11 SP3,” on page 143 
Chapter 18, “Migrating AFP to OES 11 SP3,” on page 149 

Chapter 19, “Migrating Novell Archive and Version Services to OES 11 SP3,” on page 155 
Chapter 20, “Migrating CIFS to OES 11 SP3,” on page 163 

Chapter 21, “Migrating DHCP to OES 11 SP3,” on page 175 

Chapter 22, “Migrating DNS to OES 11 SP3,” on page 189 

Chapter 23, “Migrating DSfW to OES 11 SP3,” on page 195 

Chapter 24, “Migrating LUM to OES 11 SP3,” on page 199 

Chapter 25, “Migrating FTP to OES 11 SP3,” on page 201 

Chapter 26, “Migrating iFolder to OES 11 SP3,” on page 207 

Chapter 27, “Migrating iPrint to OES 11 SP3,” on page 223 

Chapter 28, “Migrating NetStorage to OES 11 SP3,” on page 253 
Chapter 29, “Migrating NTP to OES 11 SP3,” on page 255 

Chapter 30, “Migrating NCP to OES 11 SP3,” on page 257 

Chapter 31, “Migrating OpenSLP to OES 11 SP3,” on page 259 
Chapter 32, “Migrating Proxy Users to OES 11 SP3,” on page 261 
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* Chapter 33, “Migrating QuickFinder to OES 11 SP3,” on page 267 
* Chapter 34, "Documentation Updates," on page 269 
Audience 


This guide is intended for network administrators, installers, and consultants who are involved in 
migrating data and services to OES 11 SP3. 


Feedback 
We want to hear your comments and suggestions about this manual and the other documentation 


included with this product. Please use the User Comments feature at the bottom of each page of the 
online documentation. 


Documentation Updates 


For the most recent version of the OES 11 SP3: Migration Tools Administration Guide, visit the OES 
11 documentation web site (http://www.novell.com/documentation/oes11). 
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| OES 11 SP3 Migration Overview 


* Chapter 1, "Overview of the Migration Tools," on page 15 
* Chapter 2, "Overview of the Migration GUI," on page 21 
* Chapter 3, "What's New or Changed in the Migration Tool," on page 37 
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1.1 


1.2 


Overview of the Migration Tools 


Migration is the process of migrating services, file system data, and eDirectory information from an 
existing NetWare 6.5, Open Enterprise Server (OES) 1 Linux, OES 2 Linux or OES 11 server to an 
OES 11 SP3 server. The Migration Toolkit is designed to meet all your OES migration needs. 


In this document, the NetWare, OES 1 Linux, OES 2 Linux and OES 11 servers are referred to as the 
source server, and the OES 11 SP3 server is referred to as the target server. 

* Section 1.1, "Migration Tool Enhancements," on page 15 

* Section 1.2, "Different Migration Tools," on page 15 

* Section 1.3, "Migration Scenarios," on page 16 

* Section 1.4, "Support Matrix for NetWare and OES Services," on page 18 


Migration Tool Enhancements 


The Migration Tool has an enhanced graphical user interface (GUI), which enables you to migrate all 
the services from the source server to the target server. The Migration Tool uses a plug-in 
architecture and is made up of Linux command line utilities with a GUI wrapper. 


Enhancements in this version enable you to do the following actions during migration: 


* Usea Transfer ID scenario to migrate the server identity 

* Create a migration project to migrate multiple services 

* Schedule and run the migration at your convenience 

* Receive an email message indicating the success or failure of the migration process 

* Display the status of the migrating service and display service-specific logs 

* Display the overall progress of migration and display the logs 

* View a summary of the options configured for each service and for the entire migration project 


Different Migration Tools 


The following table lists the tool to use for migrating services, depending on the source platform and 
target platform. 
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1.3 


1.3.1 


Table 1-1 Migration Tools Matrix 


Source Platforms Target Platforms Migration Tool For Information 
From any of these physical To this physical or Migration Tool Chapter 2, "Overview of 
Servers: virtualized server: the Migration GUI," on 
page 21 

* OES 11 SP3 * OES 11 SP3 

* OES 11 SP2 

* OES 11 SP1 

* OES 11 

+ OES 2 SP3 


* OES 1 SP2 Linux 
NetWare 6.5 SP8 


From any of these physical To this physical or Server Novell Server 
servers: virtualized server: Consolidation Consolidation and 
Migration Toolkit 1.2 Migration Toolkit 
* NetWare 5.1 SP8 * NetWare 6.5 SP8 Administration Guide 


Migration Scenarios 


The Migration Tool supports the following scenarios: 


* Section 1.3.1, "Migrate," on page 16 
* Section 1.3.2, "Transfer ID,” on page 18 


Migrate 


The Migrate scenario helps you reorganize your network by copying the service configuration and 
data from any number of source servers to the target server. By consolidating data on new, more 
powerful servers, you can simplify your network administration processes and lower your IT costs. 


This section describes example scenarios of how to consolidate your data. 


¢ "Sample Scenarios" on page 16 


* "Cross-Platform Data Consolidations" on page 18 


Sample Scenarios 


The benefits of the Migration Tool can be better understood through examining some sample 
scenarios. 


* "Basic Server Consolidation: Many-to-One" on page 17 


¢ “Consolidating Data from Multiple Servers onto a Two-Node Cluster" on page 17 
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Basic Server Consolidation: Many-to-One 


In this scenario (see Figure 1-1), you have three existing OES servers. You recently purchased a 
multiprocessor server and installed OES 11 SP3 on it. You want to copy the data from each of the 
three servers to the single OES 11 server. Instead of manually moving all the data or backing up the 
data on each of the three servers and then restoring it on the OES 11 server, you can use the 
Migration Tool to automate the process. 


Figure 1-1 Many-to-One Server Consolidation 


eDirectory Tree 


Server 1 Server2 Server 3 MP Server 


3 


Volumes 


Migration 


Although Figure 1-1 shows a consolidation scenario in which all servers are in the same eDirectory 
tree, you can also perform tree-to-tree consolidations. 


Consolidating Data from Multiple Servers onto a Two-Node Cluster 


In this scenario (see Figure 1-2), you have five existing OES servers. You recently purchased two 
multiprocessor servers and the necessary hardware to create a two-node cluster complete with an 
attached Storage Area Network (SAN). You decide to install OES 11 SP3 on the two-node cluster and 
to copy the data from each of the five servers to the SAN on the two-node cluster. Instead of manually 
moving all the data and Printer Agents or backing up the data and restoring it to the SAN, you can use 
the Migration Tool, which automates the data migration process. 
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Figure 1-2 Cluster Server Consolidation 
eDirectory Tree 


OES Servers Two Node Cluster 
Cluster Cluster 
Server 1 Server 2 Server3 Server4 Server 5 Server 1 Server 2 


Fiber 
Channel 


Data Switch 
Volumes 


Shared Disk 
System 


Migration 


Cross-Platform Data Consolidations 


The Migration Tool supports cross-platform data consolidations from NetWare, OES 1 SP2 Linux, 
OES 2 SP3, or OES 11 servers to an OES 11 SP3 server. 


13.2 Transfer ID 


Transfer ID is a migration scenario for transferring the server identity of the source server to the target 
server. The identity of the server is made up of its IP address, hostname, eDirectory identity, NICI 
keys, and the certificates from the source server. This scenario is only supported in same-tree 
migration. 


On successful completion of the Transfer ID migration, the target server functions with the identity of 
the source server and the source server goes offline. 


1.4 Support Matrix for NetWare and OES Services 


The Table 1-2 lists the support for the source platforms for OES 11 SP3 services. 


Legend for the following table: 


v Supported source platform 

x Unsupported source platform 

NA Service is not available on that platform 
* iFolder 2 

m iFolder 3.2 
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Table 1-2 Source Platform Support for OES 11 SP3 Services 


NW 6.5 
SP8 


Services 


AFP 


Archive and Version 
Services 


CIFS 


DHCP 


DNS 


DSfW 


FTP 


SXXNS NA 


* 


iFolder 


iPrint 
NetStorage x 
NCP NA 
NSS 

NTP 

NetWare Traditional 


OpenSLP 


ee LK A 


QuickFinder 


OES 1 
SP2 


NA 


OES 2 
SP3 


{AAS ACS 


LES 


z 
2 


z 
2 


v 


OES 11 


5 iia % X 


LESS 


z 
> 


z 
> 


v 


OES 11 SP1 OES 11 SP2 OES 11 SP3 


ELSE SEE LES 


SOR = 


z 
2 


z 
2 


v 


AE CA CK X X SS 


ZS SSS 


z 
2 


v 


EBERT X 


SU 


Z 
2 


z 
2 


NOTE: If the source platforms are NW 5.1, NW 6.0 SP5, OES 2 SP1 or OES 2 SP2, you must 
upgrade to the latest supported source platform as listed in the table above. 


For more information about configuring and migrating the services listed above, see Part VII, "Service 


Migration," on page 141. 
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Overview of the Migration GUI 


This section describes the different panes in the Migration Tool GUI. 


* 


Section 2.1, 
Section 2.2, 
Section 2.3, 
Section 2.4, 


* 


* 


* 


Figure 2-1 Migratio. 


"Project Pane," on page 21 

"Migration Pane," on page 29 
"Services to Migrate Pane," on page 31 
"Migration Status," on page 33 


n Tool GUI 


zd Migration(/var/opt/novell/migration/NewP roj140.xml) 


iy New Project 
=] Open Project 


: 
ima] Save Project 


E Scheduler 
e Email Notification 


D 
e View Logs 


Project Summary 


Source Server 


7 


192.168.1.255 


DER) 


Target Server 


Migrate 


d Transfer ID 


wgp-drs26 


Service Status 


Dependencies db Add 


File System Not Configured 


= Remove 


F3 Configure 


Summan 


Click Yes to 'Configure' the 
selected service. 


Service Status 


Ready Precheck | Migrate 


Service Start Time (dd-mm-yy hh:mm:ss) : 
Service Elapsed Time (hh:mm:ss) : 
Remaining Time (hh:mm:ss) : 

Project Start Time (dd-mm-yy hh:mm:ss) : 


Project Elapsed Time (hh:mm:ss) : 


Not Started 


Service Information 


B Target System 
? BI File System 
$- G MIGRATE 

Number of files/folders to migrate: 0 
Number of files/folders migrated: 0 
Data to be migrated: O0 MB 
Migrated data: 0 MB 
Trustee errors: 0 
Total errors: 0 
Migration Start Time: 
Migration End Time: 


2.1 Project Pane 


This is the left pane. You use it to access common project options: 


* Section 2.1.1, "Create Project,” on page 22 


* Section 2.1.2, "Schedule Service," on page 23 


* Section 2.1.3, "Email Notification," on page 24 
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¢ Section 2.1.4, "View Logs,” on page 26 

¢ Section 2.1.5, "Project Summary,” on page 28 
* Section 2.1.6, "Help," on page 28 

¢ Section 2.1.7, “Quit,” on page 28 

* Section 2.1.8, “Whiteboard,” on page 28 


Figure 2-2 Project Pane 


M New Project 

a Open Project 
| 

= Save Project 

| Scheduler 


Email Notification 


€ View Logs 


[ie] Project Summary 


21.1 Create Project 
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When you start the Migration Tool GUI, a default project opens. You can save that project, create a 
new project or open an existing migration project. 


* "New Project" on page 22 
* "Load Project" on page 23 


* "Save Project" on page 23 


New Project 
To create a new project, click New Project. Specify the location to create the new project. 


Figure 2-3 New Project 


7» New Project 


Location: 


/var/opt/novell/migration/NewProj1| M 
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Load Project 


To open an existing migration project, click Open Project. Select the project, then click Open. 


Save Project 


To save a migration project, click Save Project, then click Yes. Click No to save the project to a 
different location. 


For example, /var/opt/novell/migration/NewProj1.xml. The migration project file 
NewProj1.xml is saved to the default location. 


Schedule Service 


You can schedule the migration project to run at your convenience. 


Figure 2-4 Scheduler 


"A scheduler 


November 2010 
M T W T F 
2 3 4 5 
9 10 11 12 13 


5 17 18 19 20 
24 


1 2 3 4 


Start Time: Duration (Hours): 


[4 ok Y» Clear 


Use the scheduler to perform the following tasks: 


e "Configure" on page 23 


* "View" on page 24 


Configure 


You can schedule the migration project to run on multiple days. 


1 Select the date in the calendar. 
2 Specify the Start Time to run the project. 
3 Specify the Duration to run the project. 
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4 Click OK to save the schedule. 


5 In the main migration window, click Migrate to migrate the service; or click Sync to synchronize 
the data at the specified time. 


The migration project runs on the scheduled date and time. 


View 


Use this tab to see the week view of the scheduled project. 


2.1.3 Email Notification 


You can set email notifications for receiving the status of the migration. 


Figure 2-5 Notification 


ya Email Notification 


| Email | Configure | 


Email ID(s): 
up 


From: | 


Mail Notification On 


Success Failure 


Error [ ] Schedule 


E ok © cancel 


* "Email" on page 24 


* "Configure" on page 25 


Email 
1 In the 7o field, type the email address of an individual or group to receive notifications. You can 
include multiple email addresses separated by a comma. 
2 In the From field, type the email address that the notification email messages will be sent from. 
3 Under Mail Notification On, select the option to generate mail. 


If you select all the options, you receive notification through email, depending on the state of 
migration. For example, if the migration fails, you receive an email message notifying you that 
the migration has failed. 


4 Click OK to save the settings. 
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Configure 


7» Email Notification 


' Configure 


Mail Server 


Server : 


EOM: 25 


[_] StartTLs 


Mail Interval (in minutes): 


E ok © cancel 


1 In the Server field, specify the hostname or IP address of the recipient's inbound mail queue. 
2 Specify the port for the recipient's mail server. In non-secure mode the default port is 25. 
3 To send an email message through a secure SMTP connection, select StartTLS. 


For example, to send an email to a Gmail account, the IP address is gmail-smtp-in.l.google.com 
and the port is 26. 


4 Specify the mail interval (in minutes) to send email messages for errors encountered. The default 
time is 15 minutes, but you can increase or decrease the interval as necessary. The email 
messages are sent only if error notification in the Email tab is set and if errors are encountered. 


NOTE: To set default mail settings for multiple projects, update the details in the 
migconf.properties file. 


The email settings can be set by using the /opt /novell/migration/plugin/conf / 
migconf.properties file. Update the values for the following parameters according to your 
requirements: 


* mail server ip 

* mail server port 

* mail to 

* mail from 

* populate values from httpstkd 


However, if you want default email settings specified in /etc/opt/novell/httpshkd.cont file, 
set the populate values from httpstkd parameter to yes in the migconf.properties file. 


5 Click OK to save the settings. 


Overview of the Migration GUI 25 


26 


2.1.4 


View Logs 


In the main Migration GUI, click View Logs. This displays the Migration Logs window with logs for 
overall migration and service-specific migration. You can select Migration or a service and use the 
search functionality to filter logs for a specific type of error messages or keywords. The results are 
displayed in a new search window. By default, only the last log file is filtered and results are 
displayed. You must select the /nclude All Files option to search all log files for a service. 


Figure 2-6 Migration Logs 


zd Migration Logs 


Search For: | j v| [include All Files @, Search 


UIS-IU-UI IF. 30.07, 586 INFU = FICESTS TENT IMME. MOMANTO. DETEUNY 7TTITEUT7TISS7 Y ULL TEST LIM ME LSU UIT 
2013-10-01 14:30:07,635 INFO - FILESYSTEM: migfiles:Information: Deleting /media/nss/vOL1/test. 1mbj/file1482 1.txt 
2013-10-01 14:30:07,673 INFO - FILESYSTEM:migfiles:Information: Deleting /media/nss/vOL1/test. 1mbj/file14822.txt 
2013-10-01 14:30:07,723 INFO - FILESYSTEM:migfiles:Information: Deleting /media/nss/vOL1/test, 1mb/file14823.txt 
2013-10-01 14:30:07,760 INFO - FILESYSTEM:migfiles:Information: Deleting /media/nss/vOL1/test. 1mbj/file1482 4.txt 
2013-10-01 14:30:07,802 INFO - FILESYSTEM: migfiles:Information: Deleting /media/nss/vOL1/test 1mb/file14825.txt 
2013-10-01 14:30:07,823 INFO - FILESYSTEM:migfiles:Information: Deleting /media/nss/VOL1/test_1mb/file14826.1xt 
2013-10-01 14:30:07,862 INFO - FILESYSTEM:migfiles:Information: Deleting /media/nss/VvOL1/test 1mbjfile14827.txt 
2013-10-01 14:30:07,887 INFO - FILESYSTEM:migfiles:Information: Deleting /media/nss/vOL1/test 1mbjfile14828.txt 
2013-10-01 14:31:12,549 INFO - FILESYSTEM: migfiles:Information: Deleting /media/nss/vOL1/test. 1mb/file17917.txt 
2013-10-01 14:30:07,948 INFO - FILESYSTEM:migfiles:Information: Deleting /media/nss/vOL1/test. 1mbj/file14829.txt 
2013-10-01 14:30:07,990 INFO - FILESYSTEM:migfiles:Information: Deleting /media/nss/vOL1/test. 1mb/file1483.txt 

2013-10-01 14:30:08,030 INFO - FILESYSTEM:migfiles:Information: Deleting /media/nss/vOL1/test. 1mbj/file14830.txt 
2013-10-01 14:30:08,087 INFO - FILESYSTEM:migfiles:Information: Deleting /media/nss/vOL1/test. 1mb/file1483 1.txt 
2013-10-01 14:30:08,138 INFO - FILESYSTEM:migfiles:Information: Deleting /media/nss/vOL1/test. 1mbj/file14832.txt 
2013-10-01 14:30:08,143 INFO - FILESYSTEM:migfiles:Information: Deleting /mediajnss/vOL1/test 1mbj/file14833.txt 
[2013-10-01 14:30:08,189 INFO - FILESYSTEM:migfiles:Information: Deleting /media/nss/VOL1/test_1mb/file1483 4.txt 
2013-10-01 14:30:08,210 INFO - FILESYSTEM:migfiles:Information: Deleting /media/nss/VOL1/test_1lmb/file14835 txt 
2013-10-01 14:30:08,255 INFO - FILESYSTEM:migfiles:Information: Deleting /media/nss/VOL1/test. 1mbj/file14836.txt 
2013-10-01 14:30:08,305 INFO - FILESYSTEM:migfiles:Information: Deleting /media/nss/vOL1/test 1mbjfile1483 7.txt 
2013-10-01 14:31:12,591 INFO - FILESYSTEM:migfiles:Information: Deleting /media/nss/vOL1/test. 1mbj/file17918.txt 
2013-10-01 14:31:12,647 INFO - FILESYSTEM:migfiles:Information: Deleting /media/nss/vOL1/test 1mbjfile17919.txt 
2013-10-01 14:31:12,674 INFO - FILESYSTEM:migfiles:Information: Deleting /media/nss/vOL1/test. 1mbj/file1792.txt 

2013-10-01 14:31:12,714 INFO - FILESYSTEM:migfiles:Information: Deleting /media/nss/vOL1/test. 1mbj/file17920.txt 
2013-10-01 14:31:12,762 INFO - FILESYSTEM: migfiles:Information: Deleting /media/nss/vOL1j/test. 1mbj/file1792 1.txt 
2013-10-01 14:31:12,823 INFO - FILESYSTEM:migfiles:Information: Deleting /media/nss/vOL1/test. 1mbj/file17922.txt 
2013-10-01 14:31:12,863 INFO - FILESYSTEM: migfiles:Information: Deleting /media/nss/VOL1/test 1mbjfile17923.txt 
2013-10-01 14:31:12,910 INFO - FILESYSTEM:migfiles:Information: Deleting /media/nss/vOL1/test. 1mbj/file17924.txt 
2013-10-01 14:31:12,949 INFO - FILESYSTEM:migfiles:Information: Deleting /media/nss/VOL1/test_1mb/file17925.txt 
2013-10-01 14:31:12,974 INFO - FILESYSTEM:migfiles:Information: Deleting /media/nss/vOL1/test 1mbj/file17926.txt 
2013-10-01 14:31:13,030 INFO - FILESYSTEM:migfiles:Information: Deleting /media/nss/vOL1/test. 1mb/file1792 7.txt 
2013-10-01 14:31:13,080 INFO - FILESYSTEM:migfiles:Information: Deleting /media/nss/vOL1/test. 1mb/file17928.txt 
2013-10-01 14:31:13,101 INFO - FILESYSTEM:migfiles:Information: Deleting /media/nss/vOL1/test. 1mbj/file17929.txt 
2013-10-01 14:30:08,311 INFO - FILESYSTEM:migfiles:Information: Deleting 
/media/nss/vOL1/test 1mbj/file14838.1xt2013-10-01 14:31:13,145 INFO - FILESYSTEM: migfiles:Information: Deleting 
Jmedia/nss/VOL1/test. 1mb/file1793.txt 
2013-10-01 14:30:08,373 INFO - FILESYSTEM:migfiles:Information: Deleting /media/nss/vOL1/test. 1mbj/file14839.txt 
2013-10-01 14:30:08,420 INFO - FILESYSTEM:migfiles:Information: Deleting /media/nss/vOL1/test. 1mb/file1484.txt 

2013-10-01 14:30:08,467 INFO - FILESYSTEM:migfiles:Information: Deleting /media/nss/vOL1/test. 1mb/file14840.txt 


| 


| S Refresh || Q close 


The overall progress of migration, sync, and errors are recorded in the common migration file, 
migration.log, and service-specific logs in the servicename.1og file. A log directory is created in 
the same path as the migration project. The associated output and log files for the project are stored 
in this directory. For example, /var/opt/novell/migration/NewProj123/log/migration.log. 


For example, if Migration is selected in the left pane, logs from the migration.1og file are displayed 
in the right pane. 


During migration, if a fatal error is encountered, migration is stopped and details are logged in the log 
files. 


Search For: Select Migration or a service in the left pane. Specify a string in the Search For text box 
or select keywords for logs from the drop-down list, then click Search. A new window is displayed with 
the search results. To search all the log files for a project, select the Include All Files option. 


The keywords are INFO, DEBUG, WARN, ERROR, and FATAL. 
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NOTE: The input string for search is case-sensitive for keywords. 


Include All Files: By default, only the last log file is filtered. You must select the Include All Files 
option to search all the log files for a service. 


Configuring Log Files 


The log files are overwritten after they reach the maximum limit. You can increase the log file size or 
number of log files according to your log requirement. The changes can be applied to the values of 
the MaxFileSize and maxBackupIndex parameters in the configuration file at /etc/opt /novell/ 
migration/Log.xml. 


Customize the following parameters for each log file you want to modify: 


Parameter Description 

MaxFileSize Specifies the size of the service.log file (default: 10 
MB) and migration.log and filesystem.log (default: 10 
MB). 

maxBackupIndex Specifies the maximum number of files created before 


the first log file is overwritten. 


Default value: 10 


For example, you can increase the file size of filesystem. log to 10 MB by editing the MaxFileSize 
value in the Log.xm1 file. 
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2.1.5 Project Summary 


This displays a tree view of the options configured for all of the services selected for migration. 


Figure 2-7 Project Summary 


Project summary 
$- C Project Path 
D /varfopt/novell/migration/mig_project/NewProj. xml 
$ C Source Server 
[3 IP Address - 192.168.1.255 
D Username -cn- admin,o- example.org 
D Tree Name= NOVELL TREE 
$ C Target Server 
Bi IP Address- 192.168.2.255 
Bi Username -cn- admin,o- example.org 
D Tree Name- NOVELLO08 TREE 
9- [7] Email Notification Options 
[3 Mail To=carla@example.arg 
D Notify on error- Yes 
D Notify on success - Yes 
Notify on failure Yes 
D Notify on schedule changes 2 Yes 
9?- CI FTP 


D No Configuration Parameters and Values. 


? E] NTP 
D No Configuration Parameters and Values. 


2.1.6 Help 


This displays the help for the Migration Tool. 


2.1.7 Quit 


This closes the migration window and stops the migration process. If the migration project is not 
saved, you are prompted to save the project. 


2.1.8 Whiteboard 


This displays instructions and tips to perform a successful migration. 
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2. Migration Pane 


This is the top pane of the Migration Tool GUI. 


Figure 2-8 


Source Server Target Server 
| Migrate 
* g * >. >. * 
P D Transfer ID 
192.168.1.255 wgp-drs26 


Use this pane to perform the following tasks: 


* Authenticate the source server and target server credentials. 


* Select the type of migration as Migrate or Transfer ID. The Migrate option is enabled only after 
configuring a service for migration. By default, only the Transfer ID option is enabled. 


2.2.1 Authenticate Source Server and Target Server 


Specify the credentials to authenticate the source server and target server. 


Figure 2-9 Source Server Authentication Screen 


3! Source Server Authentication 


Server: |192.168.1.255] 
(e.g. 192.168.xxx.xxx or Host Name) 
C] Is Cluster Resource 


User Name: |cn-zadmin,o-novell M s 


(e.g. cns admin,o- companyname) 


Password: |eeeeee 


root Password : 


(Required for OES Linux server) 


636 —— [v] Use SSL 


1 In the Server field, specify the IP address or hostname of the source server. 
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The server IP, user name and port information are cached by the Migration GUI. When entering 
values in the Server or User Name field, Migration GUI auto-fills this information. To clear the 
cache entries, delete the entries from the /opt /novell/migration/plugin/conf/ 
migration.history file. 


(Optional) Is Cluster Resource: To migrate cluster volumes, specify the cluster resource IP in 
the Server field and select the /s Cluster Resource option. If you select this option, only the file 
system and iPrint services are migrated. This option supports only the Migrate scenario; it does 
not support Transfer ID. 


For example, use the NSS Cluster Pool IP to migrate NSS cluster volumes and use the iPrint 
cluster IP to migrate iPrint. 


Use the node IP address for migrating other services. 


2 In the User Name field, specify the FDN of the admin user of the source server. Use the LDAP 
(comma-delimited) format. For example, cn=admin,o=novell. 


3 In the Password field, specify the password for the admin user who is performing the migration. 


4 If the source server is OES 1, OES 2 Linux, or OES 11, specify the password for authentication 
in the Root Password field. 


5 |n the Port field, specify the port number to use for the SSL connection on the source server. By 
default, port 636 is used for the SSL connection and port 389 for the non-SSL connection. 


6 (Optional) To use a secure connection for LDAP authentication, select Use SSL. 
7 Click OK to authenticate the credentials on the source server. 


In the Target Server Authentication dialog box there is no field available to specify the IP address or 
the hostname because the Migration Tool is launched from the target server. 


If the source and target servers are in the same tree, the credentials on the target server are 
automatically populated when the credentials on the source server are authenticated. 


Figure 2-10 Target Server Authentication Screen 


A Target Server Authentication 


User Name : [cn 2 admin, o 2 novell 


(e.g. cnz admin,o- companyname) 


Password : jeeeeee 


root Password : |eeeeee 


Port : [636 [D [v] Use SSL 


Cone KETE 


1 Specify the credentials of the administrator of the target server. 

2 Specify the root password. 

3 (Optional) To use a secure connection for LDAP authentication, select Use SSL. 
4 Click OK. 
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2.2.2 Type of Migration 


After successful authentication of the source server and target server, the IP address or the DNS 
name of the servers are displayed below the server icons. 


1 Depending on your requirements, select the migration type: 


* Migrate: Select this option if you want to consolidate the services from the source server 
into an already running instance of the service on the target server. The source server and 
the target server can be in the same eDirectory tree or a different eDirectory tree. This 
option is enabled only after configuring a service for migration. 


* Transfer ID: Select this option to transfer the server identity of the source server to the 
target server. The source server and the target server must be in the same eDirectory tree. 


2 To configure the services for migration, see Section 2.3, "Services to Migrate Pane,” on page 31. 


23 Services to Migrate Pane 


This is the central pane. Use this pane to select the services that you plan to migrate and to configure 
the options. When multiple services are configured for migration, the order represents the sequence 
for migration of the services. 


IMPORTANT: You must install all the services on the target server that you plan to migrate from the 
Source server. 


For a list of service migration chapters and their corresponding documentation, see Part VII, "Service 
Migration," on page 141. 


You use this pane to perform the following tasks: 


* Select and configure services for migration 
* Synchronize the migrated service with the service on the source server 
* View the configuration summary of the service 


Figure 2-11 Services to Migrate 


| Order Service Status | Dependencies | db Add 
File System Not Configured — 
Nowell NTP Not Configured ——— | 
Novell iPrint Not Configured — 
. ..... Novel DHCP Service X — Not Configured = - F3 configure 
| Nowell AFP Not Configured FILESYSTEM — 
| Novell CIFS Not Configured FILESYSTEM 
| Novell iFolder Not Configured FILESYSTEM 
Novell Archive Versioni... Not Configured FILESYSTEM 


2.3.1 Options 


* Add: The Add Services dialog box displays a list of services to be migrated to the target server. 
Services that are not installed on the target server prior to the migration are not listed. 
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NOTE: If the Source server is OES, the Add Services dialog box displays only File System and 
iPrint. Only these two services can be migrated using the GUI. 


Figure 2-12 List of Services to Migrate from NetWare Source Server 


20 Add Services 


Service Name 


File System 

Novell FTP 

Novell NTP 

Novell iPrint 

Novell DHCP Service 
Novell iFolder 


| @ cancel 


* Remove: In the Services to Migrate pane, select the service you do not want to migrate, then 
click Remove. 


* Order: The number indicates the order in which each service migrates. The order is displayed 
by the Migration Tool; it cannot be edited. 


* Service: Lists the name of the service to be migrated. 


* Status: Displays the status of the service and the last executed date and time of migration or 
synchronization of a service. 


The services can be in different states during migration: 


State Description 

Not Configured The service is not configured. 

Password Required Configuration of a service is not complete. 

Ready The service is configured and ready to migrate. 

Migrating The service is in the process of migration. 

Migrated The service is migrated to the target server. 

Synced The service on the target server is updated with the changes on the source 
server. 


* Dependencies: Lists the dependent services to be migrated. The migration process progresses 
independently of whether the dependency is completed. 


* Configure: Select the service to prepare for migration, then click Configure. 


* Sync: This option is enabled when you are synchronizing the file system, iFolder, or CIFS 
services. The service details on the target server are compared with the source server and only 
the changed information is migrated to the target server. Select the service, then click Sync. 


* Summary: A tree view that displays migration options configured for a selected service. 
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2.4 


2.4.1 


2.4.2 


To select the services to migrate: 


1 Click Add to display the list of services available for migration. 
2 In the Add Services window, select the services to migrate, then click OK. 

In the Status column, the status of the unconfigured services is listed as Not Configured. 
3 Select the service, then click Configure to configure the migration options. 


For more information about configuring and migrating the services, see. 


NOTE: The services are listed depending on the source operating system, support for different types 
of migration scenarios (Migrate and Transfer ID), and the services installed on the target server. 


Migration Status 


Displays the service status and logs. 


¢ Section 2.4.1, "Status," on page 33 


¢ Section 2.4.2, "Service Information,” on page 33 


Status 


Displays the status of the selected service. If a service is in a migrating state, the progress of the 
migration is displayed. 


State Description 

Ready The service is configured and ready to migrate. 

Precheck The prerequisites and migration options configured for each service are 
validated. 

Migrate The service is in the process of migration. 

Sync The migrated service is being synchronized with the service on the source 
server. 


Service Start Time: The date and the time when migration started for a specific service. 

Service Elapsed Time: The execution time of service migration. 

Remaining Time: The time remaining to complete migration of a service. 

Project Start Time: The date and the time when migration started for a specific complete project. 
Project Elapsed Time: The execution time of project migration. 


Progress bar: The progress of migration for a service. 


Service Information 


The tree view displays the progress of migration and sync for each service. 
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Migrate - Tree View for All Services 


Service State: The current state of migration for a service: Ready, Precheck, Migrate, or Sync. 
Progress Status: The progress of migration for a service. For example, Successfully Completed. 


Migration Status: The status of migration for a service. For example, Complete. 


Migrate - Tree View for File System 


Number of files/folders to migrate: The total number of files and folders on the source server that 
are to be migrated to the target server. 


Number of files/folders migrated: The total number of files and folders successfully migrated to the 
target server. 


Data to be migrated: The amount of data on the source server that is to be migrated to the target 
server. 


Migrated data: The amount of data successfully migrated to the target server. 


Trustee errors: The number of errors encountered when performing trustee migration. The error 
details are recorded in the filesystem. log file. 


Total errors: The total number of errors encountered when performing migration. Click the link to 
display the service-specific log file. 


Migration Start Time: The date and time when migration starts for a project. 


Migration End Time: The date and time when migration is completed. 


Sync - Tree View for All Services 


Service State: The state of sync for a service. 
Progress State: The progress of sync for a service. 


Sync Status: The status of sync for a service. 


Sync - Tree View for File System 


Number of files/folders to sync: The total number of files and folders on the source server that are 
modified and need to be synced to the target server. 


Number of files/folders synced: The total number of files and folders successfully synced to the 
target server. 


Data to be synced: The amount of data on the source server that is to be synced to the target server. 
Synced data: The amount of data successfully synced to the target server. 


Trustee errors: The number of errors encountered when syncing trustees. The error details are 
recorded in the filesystem. log file. 


Total errors: The total number of errors encountered when performing sync. Click the link to display 
the service-specific log file. 


Number of files/folders deleted on target: The total number of files and folders that are deleted 
from the target server because those files and folders were deleted from the source server. 
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Sync Start Time: The date and time when synchronization of service starts for a project. 


Sync End Time: The date and time when synchronization of services is completed. 
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3.1 


3.2 


3.3 


What's New or Changed in the Migration 
Tool 


This section describes enhancements and changes in the Migration Tool since the initial release of 
Novell Open Enterprise Server (OES) 11. 


* Section 3.1, "What's New (OES 11 SP3),” on page 37 
* Section 3.2, "What's New (OES 11 SP2),” on page 37 
* Section 3.3, "What's New (OES 11 SP1),” on page 37 
* Section 3.4, "What's New (OES 11),” on page 38 


What's New (OES 11 SP3) 


The Migration Tool in OES 11 SP3 has been modified to run on 64-bit SUSE Linux Enterprise Server 
(SLES) 11 SP4. Besides bug fixes, there are no other changes for this component. 


What's New (OES 11 SP2) 


The Migration Tool in OES 11 SP2 has been modified to run on 64-bit SUSE Linux Enterprise Server 
(SLES) 11 SP3. In addition to bug fixes, the Migration Tool provides the following enhancements and 
behavior changes in the OES 11 SP2 release. 


Enhanced View of Migration Progress 


The progress of the file system migration and sync now captures the total number of files and folders, 
and the size of the data to be migrated, along with migration start and end time. It also displays the 
total number of errors encountered during migration or sync, along with a link to view the logs. 


For more information, see "Service Information" in the OES 11 SP3: Migration Tool Administration 
Guide. 
Enhanced View of Migration Logs 


The logs of all services are displayed in a single Migration Log window. You can select a service and 
use the search functionality to filter logs for specific types of error messages and keywords. 


For more information, see "View Logs" in the OES 11 SP3: Migration Tool Administration Guide. 


What's New (OES 11 SP1) 


The Migration Tool in OES 11 SP1 has been modified to run on 64-bit SUSE Linux Enterprise Server 
(SLES) 11 SP2. In addition to bug fixes, the Migration Tool provides the following enhancements and 
behavior changes. 
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3.4 


Linux to Linux Service Migration 
You can now migrate services from OES 2 SP2, OES 2 SP3, OES 11, and OES 11 SP1 source 


servers to an OES 11 SP1 target server using service-specific migration scripts. For information, see 
"Service Migration" in the OES 11 SP3: Migration Tool Administration Guide. 


Enhanced Sync Performance 


The Migration Tool data synchronization feature has been enhanced. You must upgrade the source 
server with the latest patches before performing migration. 


* |f the source server is NetWare, contact Novell Technical Support (NTS) for information on 
patching the server. 


Copy Trustees Only At the Directory Level 


Synchronizes trustees only at the directory level. Trustees at the file level are not synchronized. 


Do Not Copy Trustees 


Trustees on the source server are not synchronized to the target server; only data is synchronized. 


What's New (OES 11) 


The Migration Tool in OES 11 has been modified to run on 64-bit SUSE Linux Enterprise Server 
(SLES) 11 SP1. In addition to bug fixes, the Migration Tool provides the following enhancements and 
behavior changes: 


Supervisory Rights for Container Admin 


To perform transfer id using container admin, the container admin must have supervisory rights on the 
container the admin exists. 


Common Proxy Repair Script 


A new proxy script mignwproxy.sh has been added to repair common proxy on an OES 11 server. 
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| Getting Started 


* Chapter 4, "Planning for Migration," on page 41 
* Chapter 5, "Using the Migration Tool GUI," on page 45 


* Chapter 6, "Troubleshooting Issues," on page 49 
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Planning for Migration 


See the following topics to plan for your migration: 


¢ Section 4.1, “Prerequisites,” on page 41 

* Section 4.2, "Preparing the Source Server for Migration," on page 42 
* Section 4.3, "Preparing the Target Server for Migration," on page 42 
¢ Section 4.4, "Installing and Accessing the Migration Tool," on page 43 


* Section 4.5, "What's Next," on page 43 


41 Prerequisites 


* Section 4.1.1, "Source Server Requirements," on page 41 
* Section 4.1.2, "Target Server Requirements," on page 42 
* Section 4.1.3, "Unsupported Target Platforms," on page 42 
The Migration Tool is installed as part of the Open Enterprise Server (OES) 11 SP3 installation. The 
source server and the target server must meet the requirements outlined in this section. 
C] Platform Support for the Source Server: 
* OES 11 SP3 
* OES 11 SP2 
* OES 11 SP1 
* OES 11 
+ OES 2 SP3 Linux on 32-bit or 64-bit 
+ OES 1 SP2 on 32-bit. Upgrade to eDirectory 8.7.3.x 
* NetWare 6.5 SP8 and eDirectory 8.7.3.x or later 
C] Platform Support for the Target Server: 
* OES 11 SP3 


C] Time Synchronization: The source and target servers must be using the same time 
synchronization method. For more information about time synchronization, see "Time Services" 
in the OES 11 SP3: Planning and Implementation Guide. 


41.1 Source Server Requirements 


The source server is a NetWare server, OES 1, OES 2, or OES 11 server that contains the files, 
volumes, and eDirectory objects to be copied to the target server. 


C] The source server must be running supported versions of NetWare, OES 1, OES 2, or OES 11, 
and eDirectory. 


C] Update the source server with the latest NetWare and OES Support Pack. 


C] Ensure that the user performing the migration has read/write/access rights on the source server. 
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41.2 Target Server Requirements 


C] Ensure that the user performing the migration has read/write/access rights on the target server. 


4.1.3 Unsupported Target Platforms 


Novell does not support the following as a Migration Tool target server: 


* Novell Open Workgroup Suite - Small Business Edition 


42 Preparing the Source Server for Migration 


1 Shut down any applications, products, or services (virus scan software, backup software, etc.) 
running on the server to be migrated. 


2 Verify the health of eDirectory by loading DSRepair with the following three options: 
* Unattended Full Repair 
* Time Synchronization 
* Report Synchronization Status 
If errors are reported, resolve them before attempting the migration. 


3 (Recommended) Back up eDirectory data and trustees on the source server, even though the 
source data is not modified during migration. 


For information on creating a backup of eDirectory, see "Backing Up and Restoring NetlQ 
eDirectory” in the NetIQ eDirectory 8.8 SP8 Administration Guide. 


4 Remove any unnecessary applications, then delete and purge unused files and folders. 
5 Ensure that all the latest patches are installed. 


43 Preparing the Target Server for Migration 


1. Back up the eDirectory information on the target server. 


For information on creating a backup of eDirectory, see "Backing Up and Restoring NetlQ 
eDirectory” in the NetIQ eDirectory 8.8 SP8 Administration Guide. 


2. Ensure that you have installed and configured the services that you are migrating from the 
Source server. 


IMPORTANT: If a service is not available on the target server, it is not listed in the Migration Tool 
GUI. 
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4.4 


4.5 


Installing and Accessing the Migration Tool 


The Migration Tool is automatically installed with the OES 11 SP3 (target server) server in the /opt/ 
novell/migration/sbin folder. We recommend that you to set the screen resolution to 1024x768 
before launching the Migration Tool GUI. 


Log in as the root user and use one of the following methods to access the Migration Tool on your 
target server: 


* Desktop: Click Computer > More Applications > System > Novell Migration Tools. 
* Console: At the terminal prompt, enter: 


miggui 


What's Next 


To get started with the Migration Tool GUI, see "Using the Migration Tool GUI" on page 45. 
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5.1 


5.2 


5.3 


Using the Migration Tool GUI 


This section describes how to migrate data from an existing Novell NetWare, Open Enterprise Server 
(OES) 1 Linux, OES 2 Linux, or OES 11 server to an OES 11 SP3 server. 


After you have completed the prerequisite procedures in Chapter 4, “Planning for Migration,” on 
page 41, you are ready to perform the migration. To do this, complete the following tasks in the order 
listed: 

* Section 5.1, “Getting Started,” on page 45 

* Section 5.2, “Launch the Migration Tool Utility,” on page 45 


* Section 5.3, “Migration Process,” on page 45 


Getting Started 


The Migration Tool is automatically installed with OES 11 SP3 in the /opt/novell/migration/sbin 
folder. 


IMPORTANT: To perform the migration, you must be a root user and an eDirectory administrator. 


Launch the Migration Tool Utility 


We recommend that you to set the screen resolution to 1024x768 before launching the Migration Tool 
GUI. 


Log in as the root user and use one of the following methods to access the Migration Tool on your 
target server: 


Desktop: Click Computer > More Applications > System > Novell Migration Tools. 
Console: At the terminal prompt, enter: 


miggui 


Migration Process 


1 Launch the Migration Tool. 
2 Do one of the following to create, open, or save the migration project: 


* Tocreate a new migration project, click New Project, specify the name of the project, then 
click OK. 


* To open an existing project, click Open Project, then select the project and click Open. 
When a confirmation message to open the project is displayed, click Yes. 


* To save a project, click Save Project » Yes. 
3 Specify the credentials of the source server, then click OK. 
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A Source Server Authentication 


Server: |192.168.1.255| 
(e.g. 192.168.xxx.xxx or Host Name) 
Is Cluster Resource 


User Name: |cn-admin,o-novell 


(e.g. cn=admin,o=companyname) 


Password: |eeeeee 


root Password : 


(Required for OES Linux server) 


636 v Use SSL 


Q Cancel 


m Target Server Authentication 


User Name : |ch=admin,o=novell 


(e.g. cn- admin,o- companyname) 


Password : eeeeee 


root Password : jeeeeee 


: [636 [v] Use SSL 


(2) Cancel 


5 Depending on your requirements, select the migration type: 
* Migrate: To perform migration, see Chapter 7, “Preparing for Server Migration," on page 53. 
* Transfer ID: To perform a Transfer ID, see Part IV, "Transfer ID Migration," on page 59. 


6 In the Services to Migrate pane, select the services to migrate from the source server to the 
target server. 


Only the services installed on the target server are listed for migration. 
6a To display the list of services for migration, click Add. 
6b In the Add Services window, select the services to migrate, then click OK. 
7 Select the service for which you want to configure the migration options, then click Configure. 
8 Click Migrate to proceed with migration. The status of the service changes to Migrating. 
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In Status » Service Status, you can view the progress of migration. When the migration is 
complete, the status of the service changes to Migrated. 


In Status » Service Information, the tree view displays the progress of migration for each service. 
The Trustee errors and Total errors displays the number of errors encountered during the 
migration. Click Total errors to view the service-specific log file. 
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6.1 


6.2 


6.3 


Troubleshooting Issues 


¢ Section 6.1, "Source Server Authentication Fails in a Cluster Environment," on page 49 


¢ Section 6.2, "Clear User Name Entries Populated in the Source or Target Authentication 
Screen," on page 49 


¢ Section 6.3, "Unable to Authenticate to Source or Target Server Using Non-SSL Option,” on 
page 49 


¢ Section 6.4, "Target Server Authentication Fails or Unable to Browse the eDirectory Tree in the 
Migration GUI," on page 50 


¢ Section 6.5, "The Authentication Dialog Box Is Blank,” on page 50 


Source Server Authentication Fails in a Cluster 
Environment 


If NCS is configured after the OES configuration, then SMS is not registered with NCS. This causes 
an authentication failure on the source server if the /S Cluster Resource option is selected. 


To resolve this issue, restart SMDR or unload and load TSA components of SMS, then authenticate 
to the source server. 


Clear User Name Entries Populated in the Source 
or Target Authentication Screen 


The server IP, user name, and port details provided in the Source Server Authentication screen and 
the Target Server Authentication screen are cached by the Migration GUI. When entering a user 
name, the values are auto-filled by the Migration GUI. To clear these cache entries, delete the 
MIGFW SOURCE USERNAME and MIGFW TARGET USERNAME entries from the /opt / 
novell/migration/plugin/conf/migration.history file. 


Unable to Authenticate to Source or Target Server 
Using Non-SSL Option 


In the Source Server Authentication screen or the Target Server Authentication screen, if the Use 
SSL option is not selected, then authentication to the server fails. 


* |f you do not want to use a secure connection, deselect the Use SSL option. 


When this option is not selected, ensure that TLS is disabled for LDAP on the source server. In 
iManager, select LDAP > LDAP Options > LDAP Group-server name > Authentication Options, 
then deselect Require TLS for Simple Binds with Password. 


* To use a secure connection, select the Use SSL option (default setting). 


When this option is selected, ensure that TLS is enabled for LDAP on the source server. In 
iManager, select LDAP > LDAP Options > LDAP Group-server name > Authentication Options, 
and select Require TLS for Simple Binds with Password (it is selected by default). 
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50 


6.4 


6.5 


Target Server Authentication Fails or Unable to 
Browse the eDirectory Tree in the Migration GUI 


Description: If you execute the Migration GUI on a new OES 11 SP3 server, the target server 
authentication fails, the Services panel is unable to display eDirectory objects when browsing the 
tree, or LDAP secure bind fails and displays an empty eDirectory tree. 


The Migration Tool creates a private Java certificate store with a first-time authentication to the target 
server. This store is used by Java Security Provider for all the SSL communications. When you 
launch the Migration Tool for the first time, the keystore does not exist and the LDAP bind fails during 
authentication or when performing an eDirectory search. 


Action: 

Save the migration project. 
Close the Migration Tool GUI. 
Start the Migration Tool GUI. 


Start the migration project saved in Step 1. 


ao à WN HP 


Configure the service. 


eDirectory objects are now available in the service GUI. 


The Authentication Dialog Box Is Blank 


Description: When you switch from a desktop or any window to the Source Server Authentication or 
the Target Server Authentication dialog box, the Migration Tool displays a blank authentication dialog 
box. 


This is an issue that occurs randomly. The authentication details are not lost, but you see a blank 
dialog box. 


Action: Close the dialog box and open it again. All the details in the authentication dialog box are 
retained. 
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| | | Server Consolidations 


* Chapter 7, "Preparing for Server Migration," on page 53 
* Chapter 8, "Using the Migration GUI Tool," on page 55 
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7.1 


7.2 


Preparing for Server Migration 


To prepare your source server and target server for migration, complete the tasks in the following 
sections: 

¢ Section 7.1, “Prerequisites,” on page 53 

« Section 7.2, “Migration Support Matrix,” on page 53 


Prerequisites 


* Ensure that the source server and target server are running with the supported versions of the 
NetWare or Linux server software. For more information, see Section 1.4, "Support Matrix for 
NetWare and OES Services," on page 18. 


* The target must be running Open Enterprise Server (OES) 11 SP3 with the following 
components enabled: 


* NetlQ eDirectory 
* Novell NCP Server for Linux 
* Novell Storage Management Services (SMS) 


For more information about installing and configuring OES 11 SP3, see the OES 11 SP3: Installation 
Guide. 


Migration Support Matrix 


To migrate a service, you must select the Migrate scenario. Depending on the service, the Migrate 
scenario either migrates or consolidates the service. 


The Table 7-1 explains the behavior of the service when you select the Migrate scenario. 


* Overwrites the existing configuration: The service configuration on the target server is 
overwritten with the service configuration from the source server. 


* Append to existing configuration: The service configuration on the target server is appended 
with the service configuration from the source server. 


Table 7-1 Support Matrix 


Services Migrate Details 

Overwrites the Append to the existing 

existing configuration 

configuration 
AFP NO Yes Section 18.1.2, "Migration 

Scenarios," on page 149 

Archive and Version Yes No "Migrate - Same Tree" on 
Services page 159 
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Services Migrate Details 


CIFS CIFS configuration * Shares "Migrate - Same Tree" on 
age 164 
* Context pag 
DHCP No Yes “Consolidation” on page 184 
FTP Yes No Section 25.1.2, “Migration 
Scenarios,” on page 201 
iFolder 3 NO * User's iFolder "Migration Scenarios" on 
m ; age 214 
* Sharing information pag 
of iFolder 3.2 
iPrint No Yes Section 27.2, “Supported 
Migration Scenarios,” on 
page 225 
NTP No Yes Section 29.2, “Migration 


Scenarios,” on page 255 
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e Using the Migration GUI Tool 


After you have completed the general prerequisites in Chapter 4, "Planning for Migration," on page 41 
and the prerequisite procedures in Chapter 7, "Preparing for Server Migration," on page 53, you are 
ready to migrate the source server. To do this, complete the following tasks in the order they are 
listed: 


* Section 8.1, "Launch the Migration Tool Utility," on page 55 

¢ Section 8.2, "Create the Project File," on page 56 

¢ Section 8.3, "Select the Source Server, Target Server, and Migration Type,” on page 57 
¢ Section 8.4, "Configure the Services,” on page 58 

* Section 8.5, "Run the Migration,” on page 58 


8.1 Launch the Migration Tool Utility 


Log in as the root user and use one of the following methods to access the Migration Tool on your 
target server: 


Desktop: Click Computer » More Applications » System » Novell Migration Tools. 
Console: At a terminal prompt, enter 


miggui 
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Figure 8-1 Migration Tool GUI 
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Number of files/folders to migrate: 0 

Service Elapsed Time (hh:mm:ss) : Number of files/folders migrated: O 
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Migration End Time: 


Service Start Time (dd-mm-yy hh:mm:ss) : 


Project Start Time (dd-mm-yy hh:mm:ss) : 


Project Elapsed Time (hh:mm:ss) : 


Not Started 


8.2 Create the Project File 


1 Tocreate a new migration project, click New Project. Type the path to the project in the Location 
field, or browse to the location and click Save. 


The file name can include any character except V *? < >|"/. The project name also serves as the 
project's folder name, so you might want to keep it short. The project folder stores the log files 
and other files associated with the project. 


Or 
To open an existing migration project, click Open Project. Browse to the project and click Open. 
For example, /home/Carla/migration/mig.xml 


2 (Conditional) If you want to store the project file in a location other than the default location 
provided, click Browse and navigate to the desired location, then click OK. 


3 Continue with Section 8.3, "Select the Source Server, Target Server, and Migration Type," on 
page 57. 
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83 Select the Source Server, Target Server, and 
Migration Type 


Specify the credentials to authenticate the source server and target server. 


1 Specify the source credentials and click OK. 


A Source Server Authentication 


[192.168.1.255| 
(e.g. 192.168. xxx.xxx or Host Name) 
C] Is Cluster Resource 


User Name: jcn=admin,o=novell 


(e.g. ch=admin,o=companyname) 


Password: |eeeeee 


root Password : 


(Required for OES Linux server) 


636 v [v] Use SSL 


m Target Server Authentication 


User Name : |ch=admin,o=novell 


(e.g. cn- admin, o - companyname) 


Password : eeeeee 


root Password : eeeeee 


| Use SSL 


Q Cancel 


After successful authentication, both the servers change to green. 


3 You must configure a service to enable the Migrate button. Continue with Section 8.4, "Configure 
the Services," on page 58. 


4 Click Migrate. 
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8.4 Configure the Services 


1 In the Services to Migrate panel, click Add and select the services to migrate to the target server. 
The Status of the services is Not Configured. 
2 Select the service to configure for migration, then click Configure. 


After successful configuration, the Status of the service changes to Ready. 


IMPORTANT: Before you proceed with the migration, ensure that you have met all the 
prerequisites and configured the migration options for all the services that are to be migrated to 
the target server. 


For a list of service migration chapters and their corresponding documentation, see Part VII, 
"Service Migration," on page 141. 


3 Continue with Section 8.5, "Run the Migration," on page 58. 


85 Run the Migration 


1 Click Migrate to proceed with the migration. 
You can view the service-specific status of the migration or the status of the overall migration: 


* Inthe Status » Service Status tab, you can view the progress of migration. On completion of 
the migration, the Status of a service changes to Migrated. 


* In the Status pane » Service Information tab, you can view the tree view of services 
migrating to the target system. The message Migration completed for all Services is 
displayed on completion of the migration. 


NOTE: If you encounter any errors during migration, click View Logs in the left pane. After 
resolving the errors, execute the migration procedure again. 
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V Transfer ID Migration 


* Chapter 9, "Preparing for Transfer ID," on page 61 

* Chapter 10, "Using the Migration GUI Tool for Transfer ID," on page 65 
* Chapter 11, "Using Migration Commands for Transfer ID," on page 71 
* Chapter 12, "Running Transfer ID Remotely," on page 79 

* Chapter 13, "Post Transfer ID Migration," on page 81 


* Chapter 14, "Troubleshooting Issues," on page 85 
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Q Preparing for Transfer ID 


To prepare your source server and target server for a Transfer ID project, complete the tasks in the 
following sections: 

* Section 9.1, “Prerequisites,” on page 61 

« Section 9.2, "Preparing the Source Server for Migration," on page 62 


* Section 9.3, "Preparing the Target Server for Migration," on page 62 


9.1 Prerequisites 


* Ensure that the source server and target server are running supported versions of NetWare or 
Linux server software. For more information, see Section 1.4, "Support Matrix for NetWare and 
OES Services," on page 18. 


* To perform transfer id using container admin, the container admin must have supervisory rights 
on the container where the admin exists. 


* The source server and the target server must be in the same eDirectory tree. 

* The source and target server must be in the same subnet and gateway. 

* The source server can either be a replica or a non-replica server in the eDirectory tree. 
* The target server must be a non-replica server in the eDirectory tree. 


To make the target server a non-replica server, select the Novell Pre-migration Server option 
while installing OES 11 SP3 on the target server. 


* Verify the health of eDirectory by executing the ndsrepair command on Open Enterprise Server 
(OES) 11 with the following three options: 


* Unattended Full Repair, execute the command: ndsrepair -U 
* Time Synchronization, execute the command: ndsrepair -T 


The target server must be time synchronized with the source server. Time across all the 
servers in the replica ring should be synchronized. 


For more information about time synchronization, see "Time Services" in the OES 11 SP3: 
Planning and Implementation Guide. 


NOTE: The ndsrepair command locks the eDirectory database. This results in failure of 
the Transfer ID migration. Ensure that all the eDirectory operations are complete before 
performing a Transfer ID migration. 


* Report Synchronization Status, execute the command: ndsrepair -E 
All the eDirectory replicas are synchronized. 


For more information about DSRepair command, see Using DSRepair in the NetlO eDirectory 
8.8 SP8 Troubleshooting Guide. 


If any errors are reported, resolve them before attempting the migration. 


* Ensure that the names and properties of the NSS pools and volumes on the target server are the 
same as on the source server. 
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* 


* 


Ensure that all the eDirectory replicas are up and working in the current partition; otherwise, 
eDirectory migration cannot be completed successfully. 


Ensure that the hostname and IP address of the source server and target server are mapped 
correctly. The /etc/hosts file on the source server must contain correct entries for resolving the 
source server's DNS hostname to the IP address. 


9.2 Preparing the Source Server for Migration 


* 


Shut down any applications, products, or services (virus scan software, backup software, and so 
forth) running on the server to be migrated. 


(Recommended) Back up all the data of the source server, even though the source server data is 
not modified during migration. 


For information on creating a backup of eDirectory, see "Backing Up and Restoring NetlQ 
eDirectory” in the NetIQ eDirectory 8.8 SP8 Administration Guide. 


Remove any unnecessary applications, then delete and purge unused files and folders. Files 
that are deleted from the source server prior to migration are not migrated to the target server. 


Ensure that the NetWare server has a valid license. If Transfer ID is performed on the NetWare 
server with an evaluation license, it might fail due to insufficient user connections. 


If the source server is OES 1 Linux, OES 2 Linux, or OES 11, enable the SSH service. Ensure 
that you have copied the SSH keys to avoid multiple password prompts on execution of the DIB 
Copy step. For more information, see Step 1a on page 68. 


If the source server is NetWare, ensure that you comment the line “LOAD DSMETER' in the 
SYS : \SYSTEM\ autoexec .ncf file and restart the NetWare server before performing Transfer ID. 


Ensure that the /root/.ssh/known hosts file contains the entries of both the hostname and its 
corresponding IP address. 


After successful Transfer ID, the identity of the source server is transferred to the target server 
container. 


9.3 Preparing the Target Server for Migration 


* 


Ensure that the Novell Pre-migration Server option is selected for the target server. 


When you install OES 11 on the target server for a Transfer ID migration and you reach the 
Software Selection window, ensure that you select the Novell Pre-migration Server option. This 
prepares eDirectory for the Transfer ID migration that you will perform later. 
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Figure 9-1 Novell Pre-migration Server 


4 YaST2 ERU 
Preparation ° Software Selection 


> S [a 
OES Configuration Pattern vif 


Novell Pre-migration Server 


E ho} NetIQ eDirectory 
= A Novell Pre-Migration Server is not actually a service. Rather, it is a special-purpose server---the target of a Server 
"tb Novell FTP ID Transfer Migration 
à Novell iFolder Selecting this option causes this server to be installed without an eDirectory replica, thus preparing it to assume 
the identity of another server that you plan to decommission. For more information, see the Migration Tool 
EW j Novell iManager Administration Guide 
a Novell iPrint You should also select and install all the services that you plan to migrate from the other server. Services that are 


not installed on this server prior to the migration cannot be migrated. 
E & Novell Linux User Mana 
This service selects and installs these services 


fi 
Í & 
E Uo NovallINGP Saver Dy * Novell Backup / Storage Management Services (SMS) 


* NetlQ eDirectory (without a replica) 
* Novell Linux User Management (LUM) 
* Novell Remote Manager (NRM) 


v Novell NetStorage 


Si 


- This product will not coektt with the following Services 
ra Novell QuickFinder 


* Novell Domain Services for Windows 
E B Novell Remote Manager 


= Novell Samba 


=" 
E ! j Novell Storage Services 
E Graphical Enviro... 
E GNOME Desktop Enviro 


KDE Desktop Environment | 


E X X Window System 
E Primary Functions 


Ech File Server 


E L Print Server 
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IMPORTANT: Select the Novell Pre-migration Server option at the start of the OES 11 
installation; otherwise, an eDirectory replica is installed on the server and it cannot be the target 
server for Transfer ID migration. If the target server already has OES 11 installed, without the 
Novell Pre-migration Server option selected, then selecting this option later does not prepare the 
target server for Transfer ID migration until you reinstall OES 11 and select this option. 


Install the services that you need to migrate from the source server. 


If a service is not installed on the target server, it is not listed in the Migration Tool GUI screen for 
migration. This is a mandatory requirement. 


Back up the eDirectory information on the target server. For information on creating a backup of 
eDirectory, see "Backing Up and Restoring NetIQ eDirectory” in the NetIQ eDirectory 8.8 SP8 
Administration Guide. 


If the source server is a VLDB replica, then the target server also must be a VLDB replica. 


NOTE: Each DFS management context allows a maximum of two VLDB replicas. If your setup 
has a source server and a non-target server as a VLDB replica, ensure that you remove the non- 
target server as VLDB replica and make the target server a new VLDB replica. 
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10.1 


10.1.1 


Using the Migration GUI Tool for 
Transfer ID 


After you have completed the prerequisite procedures in Chapter 9, "Preparing for Transfer ID," on 
page 61, you are ready to migrate the source server. To do this, complete the following tasks in the 
order they are listed: 

* Section 10.1, "Understanding Transfer ID GUI," on page 65 

¢ Section 10.2, "Launch the Migration Tool Utility," on page 66 

* Section 10.3, "Create the Project File," on page 66 

¢ Section 10.4, "Select the Source and Target Server and the Migration Type,” on page 67 

¢ Section 10.5, "Configure the Services and Run Migration,” on page 67 


* Section 10.6, "Run Transfer ID,” on page 68 


Understanding Transfer ID GUI 


The Transfer ID GUI runs a series of tasks for transferring the server identity of the source server to 
the target server. The identity of the server is made up of its IP address and hostname, and the 
eDirectory DIB information from the source server. 


After successful completion of the Transfer ID migration, the target server functions with the identity 
of the source server and the source server goes offline 


The interface is divided into a left pane and a right pane, and each task is associated with an icon that 
represents the status of the task. 


¢ Section 10.1.1, “Left Pane,” on page 65 
¢ Section 10.1.2, "Right Pane,” on page 66 


Left Pane 


The left pane lists a series of tasks to be completed for successful completion of Transfer ID. Each 
task is associated with an icon. 


Table 10-1 Status Icons 


Icon Description 
© The task is not yet started. 
O The task is in progress. 


The task is complete. 


© Errors must be resolved before proceeding with the next step. An error is displayed in the 
Errors text box. 
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Icon Description 


o You can choose to skip this task in the GUI and perform it manually. 


10.12 Right Pane 


* Task Description: A description of the task in progress. The Command Executed field displays 
the command executed to perform the task. 


* Errors: A description of the error or warnings and a possible resolution. If no resolution is 
provided, you can find more information in the Novell Error Code online documentation (http:// 
www.novell.com/documentation/Ilg/nwec/index. html). 


* Log Messages: Log messages for each executed task and the overall Transfer ID. 


* Send Email Notification: Select this option to receive an email for a main task. An email is sent 
only if you have already configured the Email Notification tab in the main Migration GUI screen. 
Email is not sent for suggests. 


* Ignore: Ignores a task and proceeds with the next task. 
* Back: Click Back to re-execute a task. 


IMPORTANT: When the current task is executed, the changes are committed. Using Back on a 
completed task does not roll back the changes. 


* Next: Click Next to complete the current task and move to the next task. 


* Cancel: Click Cancel to close the Transfer ID Wizard and quit the task. 


IMPORTANT: The Transfer ID process is canceled, but changes or steps executed previously 
are not rolled back. 


10.2 Launch the Migration Tool Utility 


Log in as the root user and use one of the following methods to access the Migration Tool on your 
target server: 


Desktop: Click Computer > More Applications > System > Novell Migration Tool. 
Console: At a terminal prompt, enter 


miggui 


10.3 Create the Project File 


1 Tocreate a new migration project, click New Project. Type the path to the project in the Location 
field or browse to the location, then click Save. 


The file name can include any characters except V ? < > | "/. The project name also serves as 
the project's folder name, so you might want to keep it short. The project folder stores the log 
files and other files associated with the project. 


or 


To open an existing migration project, click Open Project. Browse to the project and click Open. 
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For example, /home/Carla/migration/mig.xml 


2 (Conditional) If you want to store the project file in a location other than the default location 
provided, click Browse and navigate to the desired location, then click OK. 


10.4 Select the Source and Target Server and the 
Migration Type 


Specify the credentials to authenticate the source server and target server. 


1 Specify the source credentials, then click OK. 

If the /s Cluster Resource option is selected, the Transfer ID scenario is not available. 
2 Specify the target server credentials, then click OK. 

After successful authentication, both servers change to green. 


3 You can either migrate all the services to an OES 11 server and then transfer the NetWare or 
OES server's identity, or only transfer NetWare or OES server's identity to an OES 11 server. 


3a To migrate services, continue with Section 10.5, "Configure the Services and Run 
Migration," on page 67. 


3b To transfer the NetWare or OES server's identity, click the Transfer ID button. 
3b1 Click Yes to perform identity transfer without migrating the services. 


3b2 Click No to configure and migrate services. See Section 10.5, "Configure the Services 
and Run Migration," on page 67. 


105 Configure the Services and Run Migration 


1 In the Services to Migrate panel, click Add and select the services to migrate to target server. 
The Status of the services is Not Configured. 
2 To configure a service for migration, click Configure. 


After successful configuration, the Status of the service changes to Ready. 


NOTE: Before you proceed with the migration, ensure that you have met all the prerequisites 
and configured the migration options for all the services that are to be migrated to the target 
server. 


For a list of service migration chapters and their corresponding documentation, see Part VII, 
"Service Migration," on page 141. 


3 Click Migrate to proceed with the migration. 


The Status pane displays service-specific migration progress. On completion of the migration, 
the Status of a service changes to Migrated. 


If you encounter any errors during the migration, click View Logs in the left pane. After resolving 
the errors, execute the migration procedure again. 


In the Status pane » Service Information, you can view the progress of the overall migration. The 
message Migration completed for all Services is displayed when the migration is complete. 


4 (Optional) We recommend that you to complete the synchronization of the services before 
proceeding with Transfer ID. 


5 (Optional) Back up the eDirectory database and NICI keys. For more information, see 
Section 11.1, "Back up eDirectory Database and NICI Keys," on page 78. 
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6 Check the status of the migration. If migration is successful, then perform Transfer ID either by 
using GUI or CLI. 


* Tolaunch the Transfer ID GUI, click Transfer ID. For more information about performing the 
steps in the GUI, see Section 10.6, "Run Transfer ID," on page 68. 


* To use the command line, see Chapter 11, "Using Migration Commands for Transfer ID,” on 
page 71. 


Run Transfer ID 


Ensure that you have completed the following: 


* All the services you need to migrate must be configured on the target server. 


* Ensure that all eDirectory processes (such as eDirectory repair) are completed before 
performing the Transfer ID scenario. The Transfer ID process locks the DIB (eDirectory 
database) on the source server and no operations can be performed. 


* Back up the eDirectory database. For more information, see Section 11.1, "Back up eDirectory 
Database and NICI Keys," on page 78. 


IMPORTANT: Some of the steps for Transfer ID need to be performed manually. The GUI displays 
messages to ensure that you have completed the manual step. When the manual steps are 
completed, click OK to proceed to the next step. If you skip the manual steps, errors are encountered 
in the subsequent steps. 


The Transfer ID GUI displays tasks you perform to complete the identity transfer. 


1 eDirectory Precheck: Click Next. 


The eDirectory Precheck step can be executed multiple times to verify the health of the 
eDirectory tree. Executing this step does not modify the source server and target server. 


After successful completion of this step, the icon adjacent eDirectory Precheck changes to a 
green check mark. 


1a (Conditional) If the source server is OES 1 Linux, OES 2 Linux, or OES 11, ensure that you 
have copied the SSH keys to avoid multiple password prompts on execution of this step. 


1a1 Enable SSH on the source server and the target server. 
1a2 Enter the # ssh-keygen -t rsa command on the target server. 


1a3 When you are prompted to enter the file in which to save the key (/root/ .ssh/ 
id rsa), press Enter. 


The ssh keys are stored in the default location. 


1a4 When you are prompted to enter the passphrase (empty for no passphrase), press 
Enter. 


We recommend that you do not include the passphrase. 


1a5 Copy the key value (the output of the # ssh-keygen -t rsa command) to the source 
server. 


# scp -/.ssh/id rsa.pub rootG«source-server»:/root/ 
where «source-server» is the IP address or the hostname of the source server. 


1a6 Logon to the source server by using ssh. If the .ssh directory is not available, create 
the directory, then append the key value to the list of authenticated keys. 


cat id rsa.pub »» /root/.ssh/authorized keys 
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2 Preparation: Click Next. 


The Preparation step removes eDirectory from the target server. The LUM association with the 
groups and users is no longer available because the Unix Workstation object is also removed. 


This step fails to execute if the prerequisites are not met. 
3 DIB Copy: Click Next. 


The DIB Copy creates an eDirectory DIB (Directory Information Base) copy of the source server 
on the target server. 


On completion of this step, the source server's DIB is locked and further operations are not 
permitted on the source server. The eDirectory database and the NICI files are copied to the 
target server. 


IMPORTANT: This command fails to execute if the replica ring is not in sync, or if the time is not 
synchronized among all the servers in the replica ring. 


The eDirectory database on the source server is locked. The eDirectory database and the NICI 
files are copied to the target server. 


4 Shutdown Source: Click Next to manually shut down the source server and disconnect it from 
the network. 


4a You are prompted to confirm that the source server is shut down. Click OK and proceed with 
the next step, or click Cancel and shut down the source server. 


5 DIB Restore: Click Next to restore the eDirectory database that was backed up from the source 
server in Step 3 on page 69 on the target server. This includes the NICI keys and the eDirectory 
related information. 


WARNING: If the backup in Step 3 on page 69 was not successful, the DIB Restore step fails. A 
failure at this point might cause the target eDirectory server to be unusable. 


6 IP Change: Click Next to change the IP address of the services and their configuration files on 
the target server to the source server IP address. 


IMPORTANT: Failure of the script to change the IP address, or terminating the operation 
manually, might cause the system to hang. For more information, see Chapter 14, 
"Troubleshooting Issues," on page 85. 


If you are executing the Migration GUI by using a remote session, the Transfer ID wizard hangs 
and fails to proceed. For more information, see Chapter 12, "Running Transfer ID Remotely,” on 
page 79. 


* System: The target server IP address is overwritten with the source server IP address. 


* Services: The configuration files of the migrated services are assigned with the new IP 
address of the target server. 


* Others: The IP address change scripts located in the nonplugin folder are executed. 
Executes the IP address change scripts for the services that are not included in the plug-ins 
of the Migration Tool GUI. The IP address change scripts are located in the /opt /novell/ 
migration/sbin/serveridswap/scripts/ipchange/nonplugin/ folder. If you need to 
change the IP address of any additional services, you must add the scripts to the 
nonplugin folder. 


No email is sent in this step, even if you have selected the settings to receive an email. 


7 Hostname Change: Click Next to change the hostname of the system, services, and their 
configuration files to the source server hostname. 
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IMPORTANT: Failure of the script to change the hostname or terminating the operation 
manually might cause the system to hang. For more information, see Chapter 14, 
"Troubleshooting Issues," on page 85. 


* 


* 


System: The target server hostname is overwritten with the source server hostname. 


Services: The configuration files of the migrated services are assigned with the new 
hostname of the target server. 


Others: Executes the hostname change scripts for the services that are not included in the 
plug-ins of the Migration Tool GUI. The hostname change scripts are located in the /opt / 
novell/migration/sbin/serveridswap/scripts/hostchange/nonplugin/ folder. If you 
need to change the hostname of any additional services, you need to add the scripts in the 
nonplugin folder. 


In this step, the Transfer ID wizard runs the hostname change scripts located in the 
nonplugin folder. 


NOTE: No email is sent in this step, even if you have selected the settings to receive an 
email. 


8 Reinitialize Server: Click Next to reinitialize the target server with the IP address and hostname 
of the source server. eDirectory is also restarted. 


9 Repair: Click Next to repair eDirectory, certificates, and services on the target server. The 
ndsrepair command is used to perform eDirectory repair. Service-specific repairs only run for 
services that were migrated using the current project. 


* 


eDirectory: Checks to see if eDirectory is up and running on the target server. It also runs a 
repair on the eDirectory tree. 


Certificates: Repairs the target server certificate and the trusted root certificate. 
LUM: The following steps are performed during LUM repair: 
* Creates a Unix Workstation object. 
* Regenerates the certificate for LUM on the target server. 
* Associates LUM groups and users to the target servers's Unix Workstation object. 
* Refreshes the LUM cache. 


Services: Repairs the services that are migrated to the target server. If no services are 
configured for migration, the Migration Tool skips this step and the icon adjacent to Services 
changes to a green check mark. 


Others: Executes the repair scripts for the services that are not included in the plug-ins of 
the Migration Tool GUI. The scripts are located in the /opt /novell/migration/sbin/ 
serveridswap/scripts/repair/nonplugin/ folder. If you need to repair any additional 
services, you must add the scripts to the nonplugin folder. 


In this step, Transfer ID wizard runs the scripts located in the nonplugin folder. 


10 Restart Server: Manually restart your target server for completion of Transfer ID. 


The target server now runs with the source server identity. 


Continue with Section 13, "Post Transfer ID Migration," on page 81. 
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Using Migration Commands for Transfer 
ID 


Before running Transfer ID, ensure that you have met all the prerequisites and prepared your servers 
as described in Section 4.2, "Preparing the Source Server for Migration," on page 42 and Section 4.3, 
"Preparing the Target Server for Migration," on page 42. 


Before you begin, keep in mind the following: 


* All the services, you need must be migrated to the target server. 


* When you start the Transfer ID process, you cannot perform any operations on the source server 
because the process locks the DIB (eDirectory database) on the source server. 


To perform Transfer ID using CLI: 


Parameters Value Description 
sourceipaddress 172.16.100.101 The server whose identity is to be transferred to the 
target server. 
projectpath /var/opt/novell/migration/ The path of the project created to perform Transfer ID. 
NewProjO 


1 eDirectory Precheck: Executes the prerequisites for the Transfer ID process. 
1a Use the following command to perform an eDirectory precheck: 
migedir -s «sourceipaddress» -u -A «projectpath» -i -t 


For example, /opt/novell/migration/sbin/migedir -s 172.16.100.101 -u -A / 
var/opt/novell/migration/NewProjO -i -t 


When prompted, enter the user name and password of the source server. 


This step can be executed multiple times to verify the health of the eDirectory tree. 
Execution of this step does not modify the source server or the target server. 


1b Check the availability of the hostname and IP address on the source server. The hostname 
or IP address can be resolved by using the DNS server, or using the /etc/hosts file on the 
Source server (OES Linux), or using SYS:etc\hosts file on the NetWare server. 


1c The nam. conf file on the target server includes LUM settings that will be required later while 
performing the repair steps for migration. Create a backup of the /etc/nam. conf file on 
the target server by executing the following command: 


cp /etc/nam.conf «Project path»/nam.conf.target 


For example, cp /etc/nam.conf /var/opt/novell/migration/NewProj0/ 
nam.conf.target 


1d If the source server is OES 1, OES 2, or OES 11, create a backup of the /etc/nam.cont file 
on the source server. 


1e Retrieve and store the list of LUM-enabled groups: 


(Conditional) If the source server is NetWare, enter 
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ruby /opt/novell/migration/sbin/serveridswap/scripts/repair/nam-grpmod.rb 
-H «target server short hostname» -a «admindn» -S «ldap-server-ip» --ldap- 
port «port number» -p «password» -1 


This command displays the list of groups that are LUM-enabled on the target server. These 
same groups must be LUM-enabled on completion of Transfer ID. 


1f If the source server is OES 1, OES 2, or OES 11, ensure that you have copied the SSH 
keys to avoid multiple password prompts on execution of this step. 


To copy the SSH keys: 
1. Enable SSH on the source server and target server. 
2. Enter the following command on the target server: # ssh-keygen -t rsa 
You are prompted for the following: 


a. "Enter file in which to save the key (/root/.ssh/id rsa)' then press Enter. The 
SSH keys are stored in the default location. 


b. "Enter passphrase (empty for no passphrase)”, press then Enter. We recommend 
you not to include passphrase. 


3. Copy the key value (that is, the output of the command above) to the source server: 
# scp -/.ssh/id rsa.pub root@<source-server>:/tmp 


4. Log in to the source server using ssh and add the key value to the list of authenticated 
keys. 


cat /tmp/id_rsa.pub >> /root/.ssh/authorized_keys 


1g If the source server is OES 1, OES 2, or OES 11, ensure that you copy the .nss. dat file to 
the target server. This file stores the nss user context information of the source server and is 
required when we repair the NSS admin object. 


Enter the following command on the target server: 
scp <Source-IP>:/var/opt/novell/nss/.nss.dat /tmp/ 


2 Preparation: Removes eDirectory from the target server. The LUM association with the groups 
and users is no longer available because the Unix Workstation object is also removed. 


2a To remove the Unix Workstation object on the target server, enter 
/usr/bin/namconfig rm -a <admindn> 
For the SSL connection, use the -1 option and specify 636 as the default port number. 
2b To remove eDirectory from the target server, enter 


/opt/novell/eDirectory/bin/ndsconfig rm -c -a «admindn dot format» -w 
ADM PASSWD --config-file /etc/opt/novell/eDirectory/conf/nds.conf 


Use dot format when passing values for -a option. For example, -a admin.novell 


2c To verify the health of eDirectory and to ensure that both the source server and target server 
are time-synchronized, enter 


migedir -s <sourceipaddress> -u -A «projectpath» -i -t 


For example, /opt/novell/migration/sbin/migedir -s 172.16.100.101 -u -A / 
var/opt/novell/migration/NewProjO0 -i -t 


NOTE: When prompted, enter the user name and password of the source server. 


3 DIB Copy: Creates a backup of the eDirectory DIB (Directory Information Base) of the source 
server to the target server. This step locks the DIB of the source server and further operations 
are not permitted on the source server. 
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migedir -s <source-server-ip> - u -A «logfile directory» -i -B 


For example, /opt/novell/migration/sbin/migedir -s 172.16.100.101 -u -A /var/ 
opt/novell/migration/NewProjO -i -B 


After executing the command above, you are prompted for the user name and password of the 
source server. Enter the admin credentials when prompted. 


IMPORTANT: This command fails to execute if the replica ring is not in sync, or if the time is not 
synchronized between all the servers in the replica ring. 


NOTE: If you need to perform any operations on the source server, you must unlock the DIB. To 
unlock the DIB on a NetWare server, reload the ps .n1m file. On an OES 1 Linux server, OES 2 
Linux, or OES 11 server, restart ndsd daemon. 


4 Shutdown Source: You need to shut down the source server. 


5 DIB Restore: Restores the eDirectory database that was backed up from the source server in 


Step 3 on the target server. This includes the NICI keys and the DIB identity. 


IMPORTANT: Ensure that you back up the target eDirectory database and NICI keys. For more 
information, see Section 11.1, "Back up eDirectory Database and NICI Keys," on page 78. 


5a At the command prompt of the target server, enter 
migedir -R 


After executing the command, you will be prompted for the administrator credentials for the 
Source server. 


WARNING: If the backup in Step 3 on page 72 was not successful, the DIB Restore step 
fails. A failure at this point might cause the eDirectory service on the target server to be 
unusable. 


IP Address Change: The IP address of the target server and its services is changed to the 
Source server IP address. 


The scripts to be executed in this step are located in the /opt /novell/migration/sbin/ 
serveridswap/scripts/ipchange and /opt/novell/migration/sbin/serveridswap/ 
scripts/ipchange/nonplugin folders. 


+ To change the IP address of the server in the /opt /novell/migration/sbin/ 
serveridswap/scripts/ipchange folder, enter 


ruby server-yast-ipchange.rb --old-ip «target server IP» --ip 
«source serverIP» 


For example, ruby server-yast-ipchange.rb --old-ip 172.16.200.201 --ip 
172.16.100.101 


* The ipchange folder contains a list of scripts that needs to be executed for changing the IP 
address. An example to change the IP address of the services on the target server by using 
the iprintipchange.sh script in the /opt/novell/migration/sbin/serveridswap/ 
scripts/ipchange folder: 


«server-script» «target server IP» «source server IP» «source server IP» 
«source server IP» 


For example, iprintipchange.sh 172.16.200.201 172.16.100.101 172.16.100.101 
172.16.100.101 


You also need to run the remaining scripts for other services in the same manner. 
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WARNING: Failure of the script to change the IP address or terminating the operation 
manually might cause the system to hang. If a service-specific IP address script fails to 
change the IP address, replace the <service>.conf file with <service>.orig file. 


For example, if eDirectory authentication fails on completion of the /P Change step, do the 
following: 


cp /etc/opt/novell/eDirectory/conf/nds.conf.orig /etc/opt/novell/ 
eDirectory/conf/nds.conf 


To change the IP address in the configuration files of each service on the target server, 
enter the following in the /opt/novell/migration/sbin/serveridswap/scripts/ 
ipchange/nonplugin folder: 


ipchange.sh «oldip» «newip» «oldremoteip» «newremoteip» yes 


Here, oldip is the IP address of the existing server and newip is the new IP address 
assigned to the server. The oldremoteip and newremoteip is the IP address of the Master 
Replica server. If the Master Replica server IP address is not changed, then oldremoteip 
and newremoteip can be same. 


For example, ipchange.sh 172.16.200.201 172.16.100.101 172.16.200.200 
172.16.200.200 yes 


If you want to execute any additional scripts, copy them to the /ipchange/nonplugin folder 
in the same pattern as the existing scripts. 


7 Host Name Change: Host names of the services are changed to the source server hostname. 


7a To change the hostname of the server and the services, enter the following in the /opt / 


7b 


novell/migration/sbin/serveridswap/scripts/hostchange folder. 
«hostname-script» «targethostname» <sourcehostname> 


For example, server-hostname-change.sh aus-market201.marketing.com aus- 
market101.marketing.com 


If you want to execute any additional scripts copy them to the nonplugin folder in the same 
pattern as the existing scripts. 


For example, ./iprinthostchange.sh oldhostname newhostname oldmasterhostname 
newmasterhostname 


where oldhostname is the old server host name and newhostname is the new server host 
name. The master hostname is the hostname of the master server in the eDirectory tree. 
The oldmasterhostname and newmasterhostname can be the same if the master hostname 
is not changed during the Transfer ID migration. 


WARNING: Failure of the script to change the hostname or terminating the operation 
manually, might cause the system to hang. If a service-specific hostname script fails to 
change the hostname, replace the <service>.conf file with the <service>.orig file. 


For example, if iPrint authentication fails on completion of the Hostname Change step, do 
the following: 

cp /etc/opt/novell/iprint/httpd/conf/iprint ssl.orig /etc/opt/novell/ 
iprint/httpd/conf/iprint ssl.conf 


On the console, enter 
hostname «sourceserver name» 


This changes the hostname of the server when you relogin. 


OES 11 SP3: Migration Tool Administration Guide 


8 Reinitialize Server: Reinitialize the target server with the IP address and hostname of the 
source server. In this step, eDirectory is also restarted. 


* To re initialize the server, enter 


/etc/init.d/network restart 


* To restart eDirectory, enter 


/etc/init.d/ndsd restart for restarting nds 


Next, you need to repair eDirectory, certificates for the server, LUM, and other OES services on 
the target server. 


Repair: Performs a repair of eDirectory, certificates, LUM, and services on the target server. The 


ndsrepair command is used to perform the eDirectory repair. The service-specific repairs run 
only for services that were migrated using the current project. 


9a eDirectory: Performs a repair of eDirectory. 


To repair eDirectory, enter 


/opt/novell/eDirectory/bin/ndsrepair -U 


To restart eDirectory, enter 


/etc/init.d/ndsd restart 


Ensure that you fix all errors before proceeding with the next step. 


9b Repair Certificates: To create the SAS object, enter 


/opt/novell/eDirectory/bin/ndsconfig add -m sas -a «admin dn» --config-file 
/etc/opt/novell/eDirectory/conf/nds.conf 


9b1 To regenerate the certificate on the target server, enter 


9b2 


9b3 


9b4 


/opt/novell/oes-install/util/getSSCert -a «new ip address» -t 
«treename» -u «admindn dot format» - x «password» 


For example, /opt/novell/oes-install/util/getSSCert -a 172.16.100.101 -t 
TESTTREE -u cn-admin.o-novell -x novell 


The regenerated sscert .der certificate is stored at the /etc/opt/novell/certs 
location. 


To convert the certificate to the pem format, enter 


openssl x509 -inform der -in /etc/opt/novell/certs/SSCert.der -outform 
pem -out /etc/opt/novell/certs/SSCert.pem 


To verify the health of eDirectory, enter 


ndscheck -h «new ip address» -a «admindn dot format» -w «adminpass» -F 
«Project path» 


For example, ndscheck -h 172.16.100.101 -a cn-admin.o-novell -w novell - 
F /var/opt/novell/migration/Newprojectl/ndscheck.log 


You must resolve all errors before proceeding to the next step. It is recommended that 
you backup the name. conf file before proceeding with the next step. 


(Conditional) To remove the existing nam.conf, enter 


rm /etc/nam.conf 


9c LUM: Creates or modifies the existing Unix Workstation object: 


* 


If the source server is NetWare, a new Unix Workstation object is created. Enter the 
following command: 


Using Migration Commands for Transfer ID 75 


76 


9c1 


9c2 


ruby /opt/novell/migration/sbin/serveridswap/scripts/repair/nam- 
reconf.rb -a «admindn comma format» -p «admin password» -S «ldap- 
server-ip» --ldap-port «port number» -u «Unix config object-dn» 


where Unix config object-dn is the value of the base-name parameter in the nam. conf 
file. A backup of the file was created in Step 1c. 


Idap-server-ip is the value of the preferred-server parameter in the nam. conf . target 
file. 


NOTE: If the value of the preferred-server parameter is the same as the IP address of 
the target server, then the value of the /dap-server-ip must be the same as the IP 
address of either the source server or the appropriate LDAP server. 


If the source server is OES 1 Linux, OES 2 Linux, or OES 11, the Unix workstation 
object is retained. To modify the Unix workstation object, enter the following command: 


ruby /opt/novell/migration/sbin/serveridswap/scripts/repair/nam- 
reconf.rb -a «admindn comma format» -p «admin password» -S «ldap- 
server-ip» --ldap-port «port number» -u «Unix config object-dn» 


where Unix config object-dn is the value of the base-name parameter in the nam. conf 
file. A backup of the file was created in Step 1d. 


Idap-server-ip is the value of the preferred-server parameter in the nam. conf . target 
file. 


For example, ruby /opt/novell/migration/sbin/serveridswap/scripts/ 
repair/nam-reconf.rb -a cn-admin,o-novell -p novell -S 172.16.200.201 - 
-ldap-port 636 -u "o-novell" 


To copy the certificate for LUM operations, enter 


cp /etc/opt/novell/certs/SSCert.der /var/lib/novell-lum/ 
.«new ip address».der 


For example, cp /etc/opt/novell/certs/SSCert.der /var/lib/novell-lum/ 
.172.16.100.101.der 


(Conditional) If the source server is NetWare, run the command to modify the users 
and groups listed in Step 1e on page 71: 


ruby /opt/novell/migration/sbin/serveridswap/scripts/repair/nam- 
grpmod.rb -H «source short hostname» -a «admin dn» -S «ldap-server-ip» 
--ldap-port «port number» -p «password» --grp «group FDN> -| <LUM enabled 
user and groups» [--check] 


Idap-server-ip is the value of the preferred-server parameter in the nam. conf . target 
file. 
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9d 


9e 


9c3 


9c4 


9c5 


Parameters Description 


-H Specify the hostname of the source server. 

-a Specify the administrator's name in LDAP format. 

-S Specify the IP address of the preferred LDAP eDirectory server. 
--Idap-port Specify the port for LDAP server to listen on. 

-p Specify the administrator's password. 

--grp Specify the group to be modified. 


-| Specify the list of LUM-enabled user and groups in fully distinguished format. 


--check Verify LUM-enabled users and groups. 


When prompted, enter the password for the administrator. 


(Conditional) If the source server is OES 1 Linux, OES 2 Linux, or OES 11, modify the 
users and groups by entering the following command: 


ruby /opt/novell/migration/sbin/serveridswap/scripts/repair/nam-fix.rb 
-H <new_server short hostname> -a <admindn_comma_format> -p <password> 
-S <ldap-server-ip> --ldap-port <port number> 


For example, ruby /opt/novell/migration/sbin/serveridswap/scripts/repair/nam-fix.rb -H 
mark-nov101 -a cn=admin,o=novell -p novell -S 172.16.100.101 --Idap-port 636 


Refresh LUM Cache, then run the /usr/bin/namconfig cache refresh to rebuild 
LUM cache. 


(Conditional) If the source server is OES linux server, enter 
chown -R wwwrun:www /var/opt/novell/nici/30 


You must change the ownership so that you can log in to iManager post-Transfer ID. 


To repair pool and volume objects, enter 


/opt/novell/migration/sbin/serveridswap/scripts/repair/volrepair.rb -a 
«admindn comma format» -p «password» -f «project path»/fs 


For example, /opt/novell/migration/sbin/serveridswap/scripts/repair/volrepair.rb -a 
cn=admin,o=novell -p novell -f /var/opt/novell/migration/NewProj1/fs 


Services: Execute the repair scripts for the services that were migrated before performing 
Transfer ID. 


* 


To repair iPrint service, enter 


/opt/novell/migration/sbin/serveridswap/scripts/repair/iprintrepair.sh 
-s «new IP» -u «admindn comma format» -T «source type {-L|-N}> -p «ssl 
port» -S 


For example, /opt/novell...iprintrepair.sh -s 172.16.100.101 - u cn=admin,o=novell -T -L 
-p 636 -S 


Specify the -S option only when the LDAP server is configured for SSL. Specify SSL 
port only if it is configured. 
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11.1 


* Torepair CIFS service, enter 


sh /opt/novell/migration/sbin/migcifs.sh -s «new IP» -p «ssl port» -a 
«admindn ldap format» [-f 1 «if ssl» | -f 0 <non-ssl>} -t «tree name» - 
d «target server IP» -q «port» -b «admin name» {-g 1 «if ssl» | -g 0 
<non-ssl>} -m «project path»/cifs/cifsSourceShares.tmp -S 3 -r 


9f Others: Execute the repair scripts for the services that are not included in the plug-ins of 
the Migration Tool. 


* NSS Admin Object: To repair the NSS admin object, execute the following on the 


target server, depending on the source server (NetWare or OES): 


/opt/novell/migration/sbin/serveridswap/scripts/repair/nss- 
adminrepair.sh -a «admindn dot format» -p «admin password» -s «source 
server [OES/NW]» -o «nssadmin object name with server context» 


where -a, -p, -s are mandatory parameters. If the source server is NetWare (NW), the - 
o option is required to create a new NSS admin object. 


For example: nss-adminrepair.sh -a admin.sales.novell -p test -s NW -o 
nssAdminUser.sales.novell 


Common Proxy: 


+ If the source is NetWare, to repair the common proxy on the target OES 11 SP3 
server, execute the following: 


/opt/novell/proxymgmt/bin/mignwproxy.sh -d «LDAP Admin FDN» -w 
«LDAP Admin Password» -i «LDAP-Server-IP-Address» -p «LDAP Secure 
Port» 


+ If the source is Linux, to perform common proxy migration on the target OES 11 
SP3 server, see Section 32.2.1, "Services that Are Using Common Proxy,” on 
page 261. 


NetStorage: To repair NetStorage, enter the following commands: 
/opt/novell/xtier/bin/xsrvcfg -D 
/opt/novell/xtier/bin/xsrvcfg -d «ipaddress» -c «context» 


where context is the value of the attribute CONFIG XTIER USERS CONTEXT in the 
/etc/sysconfig/novell/netstorel1 file. 


/usr/sbin/rcnovell-xregd restart 


/usr/sbin/rcapache2 restart 


10 Restart Server: Restart the target server for the changes to take effect. 


After successful completion of the Transfer ID migration, the target server functions with the 
source server's eDirectory identity. 


Back up eDirectory Database and NICI Keys 


Before performing Transfer ID, we recommend that you back up your eDirectory database and NICI 
keys on both the source server and the target server. If the Transfer ID fails or if you quit the scenario, 
you cannot perform any actions on the source server without restoring the server's DIB from the 


For more information about backing up and restoring eDirectory, see the NetiQ eDirectory 8.8 SP8 
Administration Guide. 


For more information about backing up and restoring NICI keys, see the Net/Q eDirectory 8.8 SP8 
Administration Guide. 
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12.1 


12.2 


Running Transfer ID Remotely 


NOTE: We recommend that you perform Transfer ID from the target OES 11 machine instead of 
performing it remotely. 


If you need to perform Transfer ID remotely, complete the prerequisite procedures in Chapter 9, 
"Preparing for Transfer ID," on page 61. When you perform Transfer ID remotely, after the IP address 
of the target server is changed with the IP address of the source server, the remote machine hangs. 
This happens because the IP address of the target server no longer exists. To perform Transfer ID 
remotely, use any of the following methods: 

* Section 12.1, "Using Two Network Interface Cards," on page 79 

« Section 12.2, “Using VNC,” on page 79 


* Section 12.3, "Using SSH,” on page 80 


Using Two Network Interface Cards 


To perform Transfer ID remotely: 


1. Connect to the secondary IP address of the target machine using an SSH client or VNC client. 
2. Follow Step 1 on page 68 to Step 10 on page 70. 


The connection will never be terminated because only the primary IP address of the target server 
changes during Transfer ID. 


Using VNC 


To perform Transfer ID by using the VNC client (TightVNC): 
1 Connect to the remote VNC client (TightVNC) running on the target server from your server or 
desktop by providing the IP address of the target server. 
2 On the command prompt enter, miggui to launch the application. 
3 Authenticate to both the source and target servers. 
4 Select Transfer ID as the migration type. 


You can either migrate all the services to an OES 11 server and then transfer the NetWare or 
OES server's identity, or only transfer the NetWare or OES server's identity to an OES 11 server. 


5 Perform Step 1 on page 68 (eDirectory Precheck) to Step 6 on page 69 (IP Change) in 
Section 10.6, "Run Transfer ID," on page 68. 


After changing the IP address, the TightVNC console will hang. 
6 Close the VNC client and then relaunch it. 
7 Connect to the VNC server by providing the new IP address from Step 5. 


8 To complete Transfer ID, perform Step 7 on page 69 (Hostname Change) to Step 10 on page 70 
(Restart Server) in Section 10.6, "Run Transfer ID,” on page 68. 
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123 Using SSH 


To perform Transfer ID by using the SSH console: 


Bh WN HM 


ol 


Connect to the target server using SSH. 

On the command prompt enter, miggui to launch the application. 
Authenticate to both the source and target servers. 

Select the migration type as Transfer ID. 


You can either migrate all the services to an OES server and then transfer the NetWare or OES 
server's identity, or only transfer the NetWare or OES server's identity to an OES server. 


Save the project and close the Migration Tool GUI. 


6 Run the scripts mentioned in Step 1 on page 71 (eDirectory Precheck) to Step 5 on page 73 (DIB 


Restore) in Chapter 11, “Using Migration Commands for Transfer ID,” on page 71. 


7 Save the project and close the Migration Tool GUI. 


10 


On the SSH terminal console, run the script mentioned in Step 6 on page 73 (IP Change) in 
Chapter 11, “Using Migration Commands for Transfer ID,” on page 71. 


After running these scripts, the remote machine hangs. 
Reconnect to the target server with the new IP address provided in Step 8. 


On the SSH terminal console, run the scripts mentioned in Step 7 on page 74 (Host Name 
change) to Step 8 on page 75 (Reinitialize Server) in Chapter 11, “Using Migration Commands 
for Transfer ID,” on page 71. 


To complete Transfer ID, run the scripts mentioned in Step 9 on page 75 (Repair) to Step 10 on 
page 78 (Restart Server). 
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13.1 


13.2 


Post Transfer ID Migration 


* Section 13.1, "Manually Configuring Quick Finder Service for Change in IP Address and 
Hostname,” on page 81 


* Section 13.2, "Cleanup Objects," on page 81 
* Section 13.3, "DFS Junctions Are Not Restored," on page 83 


Manually Configuring Quick Finder Service for 
Change in IP Address and Hostname 


On completion of the Transfer ID migration, you should manually configure some files in the 
QuickFinder service to change the IP address and the hostname. 


In the QuickFinder service, update the /var/lib/qfsearch/SiteList.properties file with the new 
IP address and hostname. 


In this example, assume that the existing hostname is hostname201.novell.com and the IP address is 
172.16.200.201. After Transfer ID migration, the new IP address is 172.16.200.101 and the hostname 
is hostname101.novell.com. 
1 Open the /var/lib/qfsearch/SiteList.properties file and search for the existing address: 
hostname201.novell.com=/var/lib/qfsearch/Sites/default@Alias:172.16.200.201 
2 Change the hostname and IP address in the file to the new hostname and IP address: 
hostname 101.novell.com=/var/lib/qfsearch/Sites/default@Alias:172.16.200.101 
3 Save the file. 
4 Restart Tomcat by entering xcnovell-tomcat6 restart. 


5 Restart Apache by entering rcapache2 restart. 


The QuickFinder service runs with the changed IP address. 


Cleanup Objects 


On completion of Transfer ID, some of the objects in eDirectory retain the temporary Linux server 
hostname. You can manually clean up the following objects from the target server. Even if the objects 
are not cleaned, they do not impact the performance of the target server. 

¢ Section 13.2.1, “AFP,” on page 82 

¢ Section 13.2.2, “CIFS,” on page 82 

* Section 13.2.3, “eDirectory,” on page 82 

¢ Section 13.2.4, “NSS,” on page 82 

* Section 13.2.5, “iPrint,” on page 82 

* Section 13.2.6, “DHCP, FTP, NTP and iFolder,” on page 83 
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13.2.1 


13.2.2 


13.2.3 


13.2.4 


13.2.5 


AFP 


If you decide to delete the proxy user name that has the old host name, you must recreate a new 
proxy user using YaST. 


1 Using iManager, delete the proxy user. The format of the proxy user is cn=afpProxyUser- 
«new hostname».«context of server». 


2 Using YaST, recreate the proxy user. 


yast2 novell-afp 


CIFS 


If you decide to delete the proxy user name that has the old host name, you must recreate a new 
proxy user using YaST. 


1 Using iManager, delete the proxy user. The format of the proxy user is cn=cifsProxyUser- 
«new hostname».«context of server». 


2 Using YaST, recreate the proxy user. 


yast2 novell-cifs 


eDirectory 


Delete the following objects that are present with the temporary Linux hostname: 


* SAS Service-<temporaryLinuxhostname> 

+ DNS AG <temporaryLinuxhostname> 

* IP AG «temporary IP address-temporaryLinuxhostname> 
* SSL CertificateDNS-<temporaryLinuxhostname> 


¢ SSL CertificatelP-<temporaryLinuxhostname> 


NSS 


* “Pools and Volumes" on page 82 


Pools and Volumes 


The pools and volumes created on the Linux server before performing Transfer ID are associated 
with the old host name. After Transfer ID perform the following: 
1 Using iManager, delete the pool and volume object containing the temporary Linux host name. 


2 (Conditional) If the target server contains pools or volumes that are not available on the source 
server, recreate these objects using Update NDS option from NSSMU. 


iPrint 


1 To delete the NDPSPrinter object, run the /opt /novell/iprint/bin/iprintcleanup.p1 script. 


For information on how to run the script, see Section 27.8, “Cleaning Up Stale Objects,” on 
page 238. 
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13.2.6 DHCP, FTP, NTP and iFolder 


These services require no additional steps after Transfer ID. 


13.3 DFS Junctions Are Not Restored 


If a volume on the source server is a DFS junction target, the junctions are not restored on the target 
server after Transfer ID migration. 


1 After performing Transfer ID, delete the ~DFSINFO.8-P file from the migrated volumes on the 
target server. 
2 Run VLDB repair to update the file from eDirectory. 


For more information about VLDB repair, see "Repairing the VLDB” in the OES 11 SP3: Novell 
Distributed File Services Administration Guide for Linux. 
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4 Troubleshooting Issues 


14.1 


14.2 


14.3 


* Section 14.1, "Copying NICI Keys Fails When Performing Transfer ID," on page 85 
* Section 14.2, "LUM Repair Fails When Performing Transfer ID," on page 85 


¢ Section 14.3, “On Completing Transfer ID migration, iManager or Novell Remote Manager is Not 
Accessible via a web browser on the Target Server," on page 85 


¢ Section 14.4, "System Might Hang on Terminating the IP Address Change Step when Performing 
the Transfer ID Scenario," on page 86 


¢ Section 14.5, "System Might Hang on Terminating the Hostname Change Step when Performing 
the Transfer ID Scenario," on page 86 


¢ Section 14.6, "On Failure of Migration and Restoring eDirectory to the Source Server, LDAP 
Does Not Bind," on page 87 


¢ Section 14.7, “eDirectory Error 626 on Performing Transfer ID Migration," on page 87 


¢ Section 14.8, "Transfer ID fails when NetStorage is Configured on the Source Server,” on 
page 88 


Copying NICI Keys Fails When Performing 
Transfer ID 


Description: If the source server is NetWare, copying NICI files fails due to DSMETER . NLM. 


Action: To resolve this issue, comment the line, “LOAD DSMETER'" in the autoexec .ncf file and 
restart the NetWare server before performing Transfer ID. 


LUM Repair Fails When Performing Transfer ID 


Description: The container admin performing Transfer ID is not part of the admingroup object or 
does not have supervisory permissions on all the users or groups in the admingroup object. 


Action: To resolve this issue, perform Transfer ID using either a treeadmin or a container admin. If 
you use a container admin, ensure that the admin has supervisory permissions on all users or groups 
in the admingroup object. 


On Completing Transfer ID migration, iManager or 
Novell Remote Manager is Not Accessible via a 
web browser on the Target Server 


Description: In the Transfer ID migration, certificates were not repaired properly in the Repair step. 
Action: 


1 Relaunch the project created for the Transfer ID migration, then authenticate to the target server. 


After successful authentication of the target server, the Transfer ID GUI is launched. The Finish 
and the Back buttons are highlighted. 
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14.4 


14.5 


2 Click Back to reach the Repair step, then run the Repair step again. 
3 Restart the target server for changes to be effective. 


System Might Hang on Terminating the IP Address 
Change Step when Performing the Transfer ID 
Scenario 


Description: Failure of the script to change the IP address or terminating the /P Change step 
manually might cause the system to hang. You must restart the target server and replace the service- 
specific configuration file with the backup file for the service. 


Action: To restore the original IP address of the target server, replace the «service».conf 
configuration file with the <service>.orig backup file for the service. 


For example, if eDirectory authentication fails on completion of the /P Change step, use the following 
command: 


cp etc/opt/novell/eDirectory/conf/nds.conf.orig etc/opt/novell/eDirectory/conf/ 
nds.conf 


where nds .conf.origis the backup service file on the target server and nds. cont is the 
configuration file created during execution of the /P Change step. 


System Might Hang on Terminating the Hostname 
Change Step when Performing the Transfer ID 
Scenario 


Description: Failure of the script to change the hostname or terminating the Hostname Change step 
manually might cause the system to hang. You must restart the target server and replace the service- 
specific configuration file with the backup file for the service. 


Action: To restore the original hostname of the target server, replace the <service>.conf 
configuration file with the <service>.orig backed up file of the service. 


For example, if iPrint authentication fails on completion of the Hostname Change step, use the 
following command: 


cp /etc/opt/novell/iprint/httpd/conf/iprint ssl.orig /etc/opt/novell/iprint/httpd/ 
conf/iprint ssl.conf 


where iprint ssl.origis the backup service file on the target server and iprint ssl.cont is the 
configuration file created during execution of the Hostname Change step. 
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On Failure of Migration and Restoring eDirectory 
to the Source Server, LDAP Does Not Bind 


To bind LDAP, you must modify the values of the LDAP configuration version of the LDAP server and 
LDAP group objects of the source server. 


If the LDAP server displays the message, "Config version 10 is greater than 8 in attribute" or a similar 
message, you must change the version attribute value of the LDAP group and server objects of the 
source server to 8. You can change the attribute values using either ConsoleOne or iManager. 


Using iManager, perform the following steps: 
1 Access iManager, then log in to the eDirectory tree where the source server you want to manage 
resides. 
2 In Roles and Tasks, select Directory Administration » Modify Object. 
3 Browse and select the LDAP server object of the source server, then click OK. 


4 On the General > Other tab, in Valued Attributes column, select /dapConfigVersion, then click 
Edit. 


5 Change the LDAP Configuration Version value as defined in the error, then click OK. 


For example, if the LDAP server displays the message, "Config version 10 is greater that 8 in 
attribute" or a similar message, you must change the LDAP Configuration Version attribute value 
of the LDAP server to 8. 


6 Click OK. 
7 Repeat Step 2 to Step 6 for LDAP group objects on the source server. 
8 Restart the LDAP module on the source server: 

On NetWare: 

unload nldap.nlm 

load nldap.nlm 

On OES 1, OES 2 Linux, or OES11 

nldap -u 

nldap -1 


After performing these steps, the server returns to the status before it was in before it was removed 
from the eDirectory tree. 


eDirectory Error 626 on Performing Transfer ID 
Migration 


1 Check the status of SLP by entering 
rcslpd status 
If SLP is not running, start SLP by entering 
rcslpd start 


For information on using SLP, see "Using SLP with eDirectory” in the NetIQ eDirectory 8.8 SP8 
Installation Guide. 


2 (Conditional) If SLP is not used, create a /etc/opt/novell/eDirectory/conf/hosts.nds file 
on the non-replica server that points to the master server and the container in which the user 
object is present. For more information, see the manpage hosts .nds. 
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Transfer ID fails when NetStorage is Configured 
on the Source Server 


During Transfer ID process, miggui tries to retrieve the proxy credentials for each of the services 
configured on the source server. If NetStorage is configured, its script returns the proxy user name in 
dot separated format instead of comma separated format. Due to this, miggui displays the following 
warning: "The source server is configured with both service proxy and common proxy. This is not a 
supported scenario and will cause failure of proxy user migration. Do you want to continue?" In this 
scenario, the OES services fail to launch after the transfer ID is complete. 


To resolve this issue, before starting the transfer ID process, update the source OES 2015 server with 
the latest patches, and reconfigure NetStorage using YaST » OES Install and Configuration, or by 
executing yast2 netstorage command. Complete the reconfiguration steps without altering any of 
the existing settings. 
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V Security Considerations 


* Chapter 15, "Security Considerations for Data Migration," on page 91 
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15.1 


15.2 


15.2.1 


Security Considerations for Data 
Migration 


This section describes how the Novell Open Enterprise Server 11 (OES 11) file system Migration Tool 
can be used in a secure environment. It provides information to help you ensure that authentication 
credentials and other sensitive data are not compromised through the use of the Migration Tool. 


For additional security implementation information, see "Security" in the OES 11 SP3: Planning and 
Implementation Guide. 

* Section 15.1, "Root-Level Access Is Required," on page 91 

* Section 15.2, "Securing User Credentials," on page 91 

* Section 15.3, "Mounting Remote File Systems," on page 93 

* Section 15.4, "Transmitting Data Across the Network," on page 93 


* Section 15.5, "Managing Passwords for Migrated Users," on page 93 


Root-Level Access Is Required 


To use the OES Migration Tool, you must be logged in to the target OES 11 server as root or a root- 
equivalent user. 


Securing User Credentials 


You can take precautions to ensure that authentication credentials (user names and passwords) are 
securely stored and retrieved when using the OES 11 Migration Tool. 
* Section 15.2.1, “How User Credentials Are Stored During a Migration,” on page 91 


* Section 15.2.2, "How Credentials Are Passed from the Migration GUI Utilities to the Migration 
Commands," on page 92 


¢ Section 15.2.3, "Managing Credential Storage with migcred," on page 93 
* Section 15.2.4, "Securing Credentials When Piping Commands," on page 93 


How User Credentials Are Stored During a Migration 


By default, neither the migration GUI utilities (File System Migration Utility) nor the command line 
tools (mls, migfiles, etc.) store the user names and passwords entered by the user running the 
migration. 


* "Migration Commands" on page 92 


* "Migration GUI Utilities" on page 92 
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Migration Commands 


When using the migration commands, administrators can choose to use the Novell Common 
Authentication Service Adapter (CASA) to store credentials during a migration, so that they are not 
prompted repeatedly for user names and passwords when authenticating to the source and target 
servers. This feature can be selected by adding the - -use-casa option in the migration commands. If 
this option is used, the user name and password information is stored in the CASA secret store. 


NOTE: As an alternative to using the - -use-casa option in the migration commands, you can set the 
MIG USE CASA environment variable by using the following export command: 


export MIG USE CASA-1 


You can set this environment variable in the shell init scripts so that every shell has it set. 


Various migration commands provide the - -use-casa option, which tells the command to obtain the 
credentials from the CASA store and not prompt the user for them. If the - -use-casa option is used 
and the credentials are not found in the CASA store, the command prompts for them and then stores 
them in the CASA store. 


The migration commands use the CASA API library to securely store and retrieve credentials from 
the secret store. 


Migration GUI Utilities 


The migration GUI utilities do not use CASA, nor do they store user credentials in any file format. 
Rather, the utilities accept the user credentials entered for the source server and target server and, 
after validating them (via secure or non-secure LDAP authentication), the utilities store this 
information in a proprietary cache. These credentials are used by the applications to execute various 
migration-related operations. For example: 


* Toretrieve NetWare source volumes, the File System Migration Utility issues an nwmap 
command. 

* To carry out migrations, the GUI utilities execute the required migration commands (mis, 
migfiles, maprights, maptrustees, etc.). 


The migration utility cache is flushed when the applications are closed. 


In a saved migration project, only the IP addresses of the source and target servers, the volume 
names, and any other migration options are stored in the .xm1 configuration file. When you open and 
rerun a saved project, you are prompted to re-enter the credentials. 


How Credentials Are Passed from the Migration GUI Utilities 
to the Migration Commands 


The GUI utilities execute migration commands within their process context and pass the user 
credentials whenever required or prompted through their process APIs, which can be hidden from the 
user. The GUI applications neither set the credentials in environment variables nor use the CASA 
store, even though the migration commands provide the option. 


To pass credentials to the migration commands, the GUI utilities open a terminal connected to the 
standard input and feed in the password to the command line prompt. 
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15.2.4 


15.3 


15.4 


15.5 


Managing Credential Storage with migcred 


As mentioned previously, administrators can choose to store user credentials in CASA so that they 
are not prompted for user names and passwords every time they perform a migration task. 


You can use the migcred command to control and manage what is stored in the CASA secret store. 
This command provides options to store, view, and delete information for a particular identity. With the 
necessary user credentials stored in CASA, user names and passwords can be retrieved as needed 
by other migration commands. 


Securing Credentials When Piping Commands 


Administrators might also want to pipe the output of one migration command to another, so they 
cannot feed user names and passwords to the commands through the console. Using the CASA 
secret store provides a way to protect this secure information when piping migration commands. 


The user must include the - -use-casa option when building the pipelines. For example: 


mls -s 192.168.131.135 -v V1 --use-casa | maptrustees -s 192.168.131.135 -r --use- 


casa 


Mounting Remote File Systems 


The OES 11 Migration Tool, which runs on the target OES 11 server, must mount the remote file 
systems of the source servers in order to obtain information about the source volumes and to copy 
the specified data to the target server. 


For NetWare and OES Linux migrations, the mis and migfiles commands use nwmap command to 
map to the remote volumes and read data from the _admin volume to validate the source path. The 
mls and migfiles commands unmount the file system upon termination. If a process is killed forcibly 
(kill -9), the mount point remains mounted and must be unmounted by the administrator. 


The mls command uses the nbackup tool to build the list of trustees. 


Transmitting Data Across the Network 


The OES Migration Tool uses Novell Storage Management Services (SMS) to copy data from OES 2 
Linux and OES 11 source servers. Data is not encrypted when it is transmitted across the network. 


Managing Passwords for Migrated Users 


When performing a tree-to-tree migration, you have the option to migrate users into the target 
server's eDirectory tree. If you are migrating users, you have two choices for passwords: 


* Generate random passwords for the migrated users (by using the -r option of the migtrustees 
command). When using this option, you must always pass the --newusers-password-file option 
so that the randomly generated passwords and user names are stored in the file. 

Or 


* Assign a specific password for all migrated users (by using the -s option of the migtrustees 
command). 
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If neither -r nor -s is used, users are created without a password and the user accounts are locked 
until they are manually assigned a password by the administrator, using iManager or other eDirectory 
management tools. Null passwords (-s "") are not allowed. 


The new passwords generated by the -r option are stored in a new file. To avoid password theft, 
dispose of this file in a secure manner after you have communicated the new passwords to their 
respective users. 
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VI Data Migration 


* Chapter 16, “Migrating File Systems to OES 11 SP3,” on page 97 
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16.1 


16.1.1 


Migrating File Systems to OES 11 SP3 


This section provides information on how to migrate the file system from an existing NetWare 6.5, 
OES 1 Linux, OES 2 Linux, or OES 11 server to an OES 11 SP3 server. In this section, the NetWare, 
OES 1 Linux, OES 2 Linux, and OES 11 servers are referred to as the source server and the OES 11 
SP3 server is referred to as the target server. 


The following sections provide more details on the migration procedure for the file system. 


* Section 16.1, "Preparing for File System Migration," on page 97 

* Section 16.2, "Migration Scenarios," on page 99 

* Section 16.3, "Moving Devices for Migrating Data from NetWare to OES 11 SP3,” on page 103 
* Section 16.4, “Migrating the File System Using the Migration GUI," on page 103 

* Section 16.5, "Synchronizing the File System Using the Migration GUI," on page 109 

* Section 16.6, "Migrating the File System Using Command Line Utilities," on page 110 

* Section 16.7, "Troubleshooting," on page 135 


Preparing for File System Migration 


To prepare your network for file system migration, complete the tasks in the following sections: 


* Section 16.1.1, "Source Server Requirements," on page 97 


¢ Section 16.1.2, "Target Server Requirements," on page 98 


Source Server Requirements 


* "NetWare Server" on page 97 
+ “OES 1, OES 2 Linux, or OES 11 Server" on page 98 


NetWare Server 


* Shut down any applications, products, or services (virus scan software, backup software, and so 
forth.) running on the server to be migrated. 


* Ensure that the latest version of Storage Management Services (SMS) is running on the source 
NetWare server. 


SMS updates can be downloaded from the Novell Downloads web site (http:// 
download.novell.com/patch/finder/#familyld=122). 


* When migrating data from a Traditional NetWare volume, ensure that the NPM files for NFS and 
the NFS name space are loaded on the Traditional NetWare Volumes. 


* Although data on the source server is not deleted as part of the migration, we recommend that 
you back up your data. 


Migrating File Systems to OES 11 SP3 97 


OES 1, OES 2 Linux, or OES 11 Server 


* 


Shut down any applications, products, or services (virus scan software, backup software, and so 
forth.) running on the server to be migrated. 


Ensure that the server is running OES 1, OES 2, or OES 11 with all the available patches in the 
channel. 


Ensure that Storage Management Services (SMS) and NetWare Core Protocol (NCP) is running 
on the server. 


Ensure that source volumes on OES 1, OES 2 Linux, or OES11 servers are NSS volumes, NCP 
volumes, or POSIX volumes. 


NOTE: The Migration Tool GUI does not support POSIX file system migration. Create an NCP 
volume with the POSIX path that you want to migrate, then migrate the NCP volume. 


To migrate data from NCP volumes on OES 1, OES 2, or OES 11 server, ensure that the user 
performing migration has read/write/access rights to back up the files on the NCP volume. 


To perform migration, the user must have read/write/access permissions to the source server. 


16.12 Target Server Requirements 


* 


* 


Ensure that the server is running OES 11 SP3. 


Services to be migrated must be installed and configured on the target server. 


The following additional prerequisites must be met for NSS and NCP target volumes: 


* 


* 


"For NSS Target Volumes" on page 98 
"For NCP Target Volumes" on page 98 


For NSS Target Volumes 


o 


o 


Using Migration GUI, if you have configured the file system and for some reason the mount point 
of NSS volumes change, you must reconfigure the paths for the file system. 


Create the NSS volumes to which you will migrate the data. Ensure that you allocate sufficient 
space for the volume to hold all of the source data. 


Ensure that the target volumes have similar properties to the source volumes. For example, if 
compression is turned on for the source volume, turn on compression for the target volume as 
well. The same applies to user quotas and other NSS features. 


Using CLI, if you want to use the CASA secret store to store user names and passwords during 
migration (via the --use-casa option), ensure that the following RPM is installed on the OES 
server: 


CASA-1.7.XXX.rpm 
Restart the CASA daemon by entering the following command: 


/etc/init.d/micasad restart 


For NCP Target Volumes 


o 


Create NCP volumes to which you will migrate the data. 
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16.2.1 


16.2.2 


C] Ensure that the user performing the migration has read/write/access rights to the POSIX path 
that corresponds to the NCP volume. 


C] Although data is successfully migrated to the clustered NCP target volumes, trustee migration is 
not supported. 


Migration Scenarios 


The procedures for migrating file system data from the NSS volumes or Traditional volumes on 
NetWare, or from the NSS volumes on OES, vary depending on whether the source server and target 
server are in the same eDirectory tree or in different eDirectory trees. This section covers the 
following scenarios: 

* Section 16.2.1, "Consolidating Data to a Server in the Same Tree," on page 99 

* Section 16.2.2, "Consolidating Data to a Server in a Different Tree," on page 99 

* Section 16.2.3, "Migrating Compressed Files," on page 100 

* Section 16.2.4, "Data Migration for Clustered Volumes," on page 100 

* Section 16.2.5, "Data Migration for DST Volumes," on page 101 

* Section 16.2.6, "Transfer ID," on page 102 

* Section 16.2.7, "Migration Procedure," on page 102 


NOTE: For more information about migration scenarios, see Chapter 1, "Overview of the Migration 
Tools,” on page 15. 


Consolidating Data to a Server in the Same Tree 


The source file system volumes are migrated to the target file system volumes within the same 
eDirectory tree. 


The following are migrated from the source server to the target server: 


* Volumes, folders, and files 


* Trustee rights for files 


Consolidating Data to a Server in a Different Tree 


The source file system volumes are migrated to the target file system volumes in a different 
eDirectory tree. 
The following are migrated from the source server to the target server: 

* Volumes, folders, and files 

* Trustee rights for files 

* Create users in the target's file system volumes 

* An option to set a default global password for the new users created on the target server 
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16.2.3 


16.2.4 


Migrating Compressed Files 


In any of the following scenarios, compressed files are seamlessly migrated from the source server to 
the target server: 


* Source server volumes and target server volumes are compression enabled. 


* Source server volumes are compression enabled and the target volumes are not enabled for 
compression. Migration GUI uncompresses the migrated files on the target server volume. 


* Source server volumes are not enabled for compression and the target volumes are 
compression enabled. The Migration GUI compresses the migrated files on the target server 
volume. 


The compress and uncompress commands run as a backend process in the migration GUI. 


Data Migration for Clustered Volumes 


You can perform data migration by upgrading only the cluster nodes or both the cluster nodes and 
storage: 


* "Upgrading NetWare Cluster Nodes" on page 100 
* "Upgrading NetWare Cluster and Shared Storage" on page 100 


Upgrading NetWare Cluster Nodes 


One or more NetWare nodes are replaced with OES 11 SP3 nodes. Novell Cluster Services support a 
rolling server upgrade. In this scenario, one or more NetWare nodes can be replaced with OES 11 
SP3 nodes. For more information, see "Converting NetWare Cluster Nodes to OES (Rolling Cluster 
Conversion)" in the OES 11 SP3: Novell Cluster Services NetWare to Linux Conversion Guide. 


Upgrading NetWare Cluster and Shared Storage 


All nodes and shared storage is replaced with a new cluster with OES 11 SP3 configured on a new 
shared storage. You can migrate cluster NSS volumes from a NetWare cluster to a new Linux cluster 
with the Migration Tool. 


The Migration Tool provides two options to perform the cluster migration: Is Cluster Resource and 
Follow Cluster Resource. 


If you select the Follow Cluster Resource option, migration continues uninterrupted during cluster 
resource migrations to different cluster nodes. This option is valid only on the source server clusters. 
When migrating data to cluster NSS volumes on the target server, migration stops when the resource 
migrates to a different node. To continue the migration, you must make the resource active on the 
target server. 


If this option is not selected, migration stops when the resource migrates to a different node on the 
source server. Once the resource comes up on the different node, restart the migration to continue 
the migration from where it failed. The Migration Tool supports only source NSS volumes for 
migration. 
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Data Migration for DST Volumes 


When performing migration for DST volumes, the data is migrated for only the primary volume; it does 
not include the secondary volume. To perform migration for all the volumes, remove the shadow 
volume relationship of the DST server. 


When performing the migration, consider the following: 


Source Server as DST 


* The target server can be a DST server or a non-DST server. 
¢ Stop the DST policies before performing the migration. 


For more information about stopping the policies, see “Stopping a Running Policy" in the OES 11 
SP3: Dynamic Storage Technology Administration Guide. 


* 


Only the data that is stored on the primary volume of the source server is migrated to the target 
server. 


* 


To migrate the data from all the volumes of the source server, remove the shadow volume 
relationship on the source server. 


For more information about removing the shadow volume relationship, see“Removing the 
Shadow Relationship for a Clustered DST Volume Pair" or "Removing the Shadow Relationship 
for a Non-Clustered DST Shadow Volume" in the OES 11 SP3: Dynamic Storage Technology 
Administration Guide. 


* 


Configure the file system GUI to perform migration. For more information, see Section 16.4, 
"Migrating the File System Using the Migration GUI," on page 103. 


Target Server as DST 


* The source server can be a DST or non-DST server. 


* 


Stop the DST policies before performing the migration. 


For more information about stopping the policies, see "Stopping a Running Policy" in the OES 11 
SP3: Dynamic Storage Technology Administration Guide. 


* The data is migrated from the source server to only the primary volume of the target server. 


* 


To migrate the data from the source server to all the volumes on the target server, remove the 
shadow volume relationship on the target server. 


For more information about removing the shadow volume relationship, see "Removing the 
Shadow Relationship for a Clustered DST Volume Pair" or "Removing the Shadow Relationship 
for a Non-Clustered DST Shadow Volume” in the OES 11 SP3: Dynamic Storage Technology 
Administration Guide. 


* 


Configure the file system GUI to perform migration. For more information, see Section 16.4, 
"Migrating the File System Using the Migration GUI," on page 103. 


For Example: 


Consider a scenario where you are migrating data from a source non-DST server to a target DST 
server. The source server has volumes Vol1, Vol2, Vol3 of 3 GB each. The target server contains the 
primary volume Vol4 with 1 GB and a secondary volume Vol5 with 10 GB. In this scenario, you can 
migrate the data by using any of the following: 

* “Migrating without the Shadow Volume Relationship:” on page 102 


* "Migrating with the Shadow Volume Relationship:" on page 102 
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Migrating without the Shadow Volume Relationship: When the shadow volume relationship is 
removed from the target server, it acts as a non-DST server and the migration can be performed 
normally. 


To migrate the data, complete the following steps: 


1 Remove the shadow volume relationship. For more information, see "Removing the Shadow 
Relationship for a Clustered DST Volume Pair" or "Removing the Shadow Relationship for a 
Non-Clustered DST Shadow Volume" in the OES 11 SP3: Dynamic Storage Technology 
Administration Guide. 


2 Configure the file system GUI to perform migration. For more information, see Section 16.4, 
"Migrating the File System Using the Migration GUI," on page 103. 


Migrating with the Shadow Volume Relationship: Only 1 GB of data from the source server can 
be migrated to the primary volume Vol4 of the target server. If you need the data on all the volumes of 
the source server to be migrated to the target server, complete the following steps: 


NOTE: You must to stop the DST policies temporarily before performing the migration. 


1 Stop the existing DST policies. 


2 Create a project to migrate the data less than or equal to 1 GB from the source server to the 
target server. 


3 Perform the migration. 


4 (Conditional) If some files or folders were open on the source server and did not get migrated to 
the target server, perform synchronization. 


Synchronization must be performed before performing the next step. 


5 Configure a DST policy on the target server to move the migrated data from the primary volume 
to the secondary volume. 


As a result, there is space available on the primary volume of the target server to migrate 
additional data from the source server. 


6 Stop the DST policy after the required data is moved from the primary volume Vol4 to the 
secondary volume Vol5. 


7 Repeat Step 2 to Step 6 until all data is migrated. 


16.2.6 Transfer ID 


In the Transfer ID scenario, several tasks are executed to transfer the server identity of the source 
server to the target server. In the Migration Tool GUI, the file system is configured and then migrated. 
After successful migration of all of the services, click Transfer ID. For more information, see Part IV, 
"Transfer ID Migration," on page 59. 


16.2.7 Migration Procedure 


102 


Use either of the following methods to perform a file system migration: 


* Section 16.4, “Migrating the File System Using the Migration GUI," on page 103 
* Section 16.6, "Migrating the File System Using Command Line Utilities," on page 110 
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Moving Devices for Migrating Data from NetWare 
to OES 11 SP3 


You can move devices containing NSS volumes from NetWare to an OES 11 server by 
decommissioning the volumes on the device in eDirectory, then recommissioning the volumes on the 
new server. For more information, see "Moving Non-Clustered Devices From NetWare 6.5 SP8 
Servers to OES 11 SP3" in the OES 11 SP3: NSS File System Administration Guide for Linux. 


For shared NSS pools and volumes, Novell Cluster Services provides this service automatically 
during a rolling cluster conversion from NetWare to OES 11. For information about converting shared 
pool cluster resources and service resources, see the OES 11 SP3: Novell Cluster Services NetWare 
to Linux Conversion Guide. 


Migrating the File System Using the Migration GUI 


After you have completed the prerequisite procedures in Section 16.1, "Preparing for File System 
Migration," on page 97, you are ready to migrate the source server. 
1 Launch the Migration Tool from the target server, using either of the following methods: 


Desktop: Click Computer» More Applications» System » Novell Migration Tools to launch the 
Migration GUI. 


Terminal Prompt: Log in as the root user and at a terminal prompt, enter miggui 
2 Enter authentication credentials for the source server. 


(Optional) Is Cluster Resource: This option supports only the Migrate scenario; it does not 
support Transfer ID. If you want to migrate data in a cluster environment, you can perform either 
of the following: 


* Migrating Cluster Volumes: In the Source Server Authentication screen, specify the 
cluster resource IP and select the /s Cluster Resource option. When configuring file system, 
the Volume Information tab displays all cluster volumes from the cluster resource as part of 
the source volume. 


* Migrating Non Cluster Volumes from a Cluster Node: In the Source Server 
Authentication screen, specify the cluster node IP; do not select the /s Cluster Resource 
option. When configuring file system, the Volume Information tab displays all non-cluster 
volumes present on the source server. 


3 Enter your authentication credentials for the target server. 
4 Select the type of migration you want to perform: Migrate or Transfer ID. 
5 |n the Services panel, click Aad, select File System. 


The Status of the file system service is Not Configured. 


IMPORTANT: File system is listed in the Service panel list only if it is installed and configured on 
the target server. 


6 To configure migration parameters for the file system, select File System, then click Configure. 


Tabs Purpose 


Volume Information Identify the volumes or folders that you want to move from the selected source 
server to a selected target server. By default, all of the data in the volumes or 
folders that you select for migration in the source server tree is migrated to the 
target server. 
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Tabs Purpose 


File Options Customize the files and quotas that are migrating to the target server. You can also 
specify the home directory location and set options to synchronize the file system. 


Trustee Options You can migrate the trustee rights of the users and groups from the source server 
to the target server. You can also specify the global password for the new users 
created on the target server. 


This tab is enabled only in a Different Tree scenario. 


Match User Options You can specify which users to migrate and how to handle the migration if the user 
already exists on the target server. 


This tab is enabled when you select the Custom User mapping option in the 
Trustee Options page. 


In the Volume Information tab, in the Source Server tree, select the volumes or folders that you 
want to migrate, then drag and drop them into the Target Server tree. The names of the source 
cluster volumes can only include " " as a special character to be listed in the Source Server tree. 


IMPORTANT: You cannot migrate a DFS junction. A DFS junction is displayed under the source 
tree as a folder because this junction appears in the file structure as a directory. Under Volume 

Information, the DFS junction can be dragged to the target server tree, but actually, the junction 
and the data is not migrated to the target server and the migration fails. 


When migrating a directory to an existing file system (NSS, NCP volume, or Linux POSIX 
volume), there are access rights set on the target location that can be inherited by the folder and 
its contents after migration. This is either the trustees and trustee rights in the case of NSS and 
NCP, or the ACLs (access control lists) for Linux POSIX. You must modify the settings as needed 
to ensure that the files are available only to authorized users before you allow users to access 
the data in the new location. 


NOTE: In the Source Server tree, you cannot expand volumes or folders that are copied to the 
Target Server tree. 


For an explanation of the different tasks that can be performed in the Volume Information tab, 
refer to the following table. 


Task Description 


Target Location After you have selected volumes and folders for migration, you might want 
to identify the path of the folder or volume moved to the target server. 


In the Source Server tree, right-click the volume or folder that is selected for 
migration, then click Target Location from the drop-down menu. The tree in 
the Target Server view expands to display the volume or folder that was 
copied from the source server. 
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Task Description 


Source Location After you have selected volumes and folders for migration, you might want 
to identify the path of the folder or volume moved from the source Server. 


In the Target Server tree, right-click the volume or folder that is highlighted 
for migration, then click Source Location from the drop-down menu. The 
tree in the Source Server view expands to display the volume or folder that 
was copied to the Target Server. 


Target Server 


- [55 Fest 
Expand 


Source Location 


Volumes or Folders selected The volumes or folders that are selected for migration are highlighted in 


for migration blue in the Source Server tree and the Target Server tree. 

Removing Volumes or In the target server tree, right-click the volume or folder that you have 
Folders from the Target decided not to migrate, then select Undo. The folder no longer appears 
Server under the target server tree and is no longer a candidate for migration. 
Follow Cluster Resource Select this option to perform uninterrupted migration when cluster 


resources migrate to different cluster nodes. This option is valid only on the 
Source server clusters. 


For example, when a failure occurs on one node of the cluster, the 
resources are relocated to another node in the cluster. The Migration Tool 
connects to the cluster instead of the individual server and performs an 
uninterrupted migration during this failure. 


If this option is not selected, migration stops when the resource migrates to 
a different node. When the resource comes up on a different node, run the 
migration project again. The Migration Tool ensures that the migration 
process resumes from the state where it stopped. 


When migrating data to cluster volume on the target server, migration stops 
when the resource migrates to a different node. To continue the migration, 
you must make the resource active on the target server. 


8 Click the File Options tab, then click OK to accept the defaults. 
Or 


Use the options to customize the files and quotas to migrate to the target server, then click OK to 
save the settings. 


For an explanation of the different tasks that can be performed in the File Options page, refer to 
the following table. 
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Task 


Duplicate File 
Resolution 


Quotas 


File Filters 


Home Directory 
Options 


Description 


Determines what action to take when a file copied from the source server has the 
same file name as an existing file on the target server. Specify one of the following 
resolutions: 


* Always Copy Source File (default): The migrated file always overwrites the 
existing file. 


* Never Overwrite Existing File: The file from the source server is not migrated 
if a file of the same name exists on the target server. 


* Copy if Newer: The migrated file overwrites the existing file on the target 
server, only if its last modified date is newer than the existing file's date. This 
option is applicable only for data migration. 


This option is applicable only for data migration. 


NOTE: If you are migrating to a different file system (NSS to NCP volumes or from 
NSS to Linux POSIX volumes) on the target server, user quotas and directory quotas 
are not valid. 


* Exclude User Quotas on Source: The user quotas from the source server are 
not copied to the target server. 


* Exclude Directory Quotas on Source: The directory quotas from the source 
server are not copied to the target server. 


* Disable Quota Checks on Target: The user and directory quotas set on the 
target server are ignored by the Migration Tool when a data copy is performed. 


Determines which files to include for migration. If no filters are set, all files are 
migrated. You can specify the files that you want to migrate by specifying the date 
range or you can exclude the files from migrating by specifying the file names or file 
extensions. 


* Last Accessed/ Last Modified: The date range to include files for migration. 


* Exclude File(s): The file names or file extensions to exclude from migration. 
Wildcards (*) are permitted. For example: * . mp3, * . mov, *.tmp, 
samplefile.txt,"my sample file.txt." 


Specifying * . mp3 excludes all files with an extension of .mp3 from being 
migrated. Specifying samplefile.txt excludes all samplefile.txt files from 
being migrated. 


Specify the target server path for the users whose home directory you are migrating 
from the source server. 


For example, If the users's home directory path on the source server is /media/ 
nss/VOL1/users and the target path where the users will be migrated is /media/ 
nss/VOL2/users, then specify the path in the Home Directory Options as /media/ 
nss/VOL2/users. After successful migration, the home directory of the users is 
updated with the new target server path. 


NOTE: If you are performing migration across multiple volumes, you cannot specify 
multiple home directory paths. 
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Task Description 


Sync Options The Sync option performs synchronization of the target server with the source server. 
After the file system migration is complete, if the source server is updated with new 
information, you can use the Sync option to synchronize the servers. The Sync option 
is available in the main Migration GUI window. 


Delete Files Not On Source: During synchronization of the servers, additional files 
or folders on the target servers are deleted that are not available on the source 
server. 


Delete Trustees Not On Source: This option is enabled only for a Same Tree 
migration. Set this option to update trustee information on the target server when 
trustees are deleted on the source volume after the migration or synchronization 
completes. Trustee information that is not on the source server is deleted from the 
target server. 


Copy Trustees Only At The Directory Level: Synchronizes trustees only at the 
directory level. Trustees for files are not synchronized. 


Do Not Copy Trustees: The user rights on the source server folders are not synced 
to the target server. 


Login Options This option indicates whether you want users to be logged in during the data 
migration. 


Disable Login On Source: If you disable user login, the users cannot log in to the 
network and modify the open files during the file copy. Users already logged in to the 
Source server are not logged out, but no new logins are allowed until the migration 
completes. 


Click the Trustee Options tab, then click OK to accept the defaults and migrate the trustee rights 
of users and groups on the source server to the target server. 


or 


Use the options to customize the file trustee options to migrate to the target server, then click OK 
to save the settings. 


For an explanation of the different tasks that can be performed in the Trustee Options tab, refer 
to the following table. 


NOTE: In the Same Tree scenario, the Trustee Options tab is disabled. 
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Task Description 


Trustee Specify an option to migrate trustee rights of users and groups from the source server to 
Migration the target server. 


* Do Not Migrate Trustees (default): The user rights to the access folder on the 
Source server are not migrated to the target server. 


* Flatten Trustees: The users on the source server are migrated to a selected 
context on the target server, irrespective of whether the users are in a different 
context on the source server. 


* Target Context to flatten the users: Select the context on the target server 
to migrate all the users. 


* Custom User Mapping: Users on the source volume are mapped with the users 
on the target server. When you select this option, the Match User Options tab is 
enabled, which enables you to select the users from the source server or the 
target server, and then assign migration options. 


* Search Context to map users: Select the context on the target server to 
match the users. 


Existing User A user name on the source server has a corresponding user name on the target server. 
Options You can overwrite the trustee details of the user on the target server, or ignore the user. 


* Ignore All: Do not create users on the target server. 


* Overwrite All: Overwrite the users on the target server. 


New User Specify the global password for the new users created on the target server. 


Options 
eDirectory Password: Specify the password for the users to use, when they log in for 


the first time on the target server. 


IMPORTANT: If password restrictions are set for users on the source tree, you must 
specify a default password; otherwise, migrating users in a different tree scenario might 
fail. 


10 (Conditional) If the Match User Options tab is enabled, click it, then continue with Step 10a to 
specify which users to migrate and how to handle the migration if the user already exists on the 
target server. 


Or 


If the Match User Options tab is not enabled, click OK to save your file system migration setup 
and return to the main Migration Tool window, then continue with Step 12. 


10a To view the list of users on the source server and target server, click Map Users, then select 
how to handle the users. 


NOTE: In a migration project, if you select multiple volumes for migration that are 
associated with the same users, then when mapping users, the source displays a duplicate 
user list. 


* Existing or Mapped Users: A user name on the source server has a corresponding 
user name on the target server. If the users are mapped, only the trustee details are 
migrated. 


* New Users: Users do not exist on the target server. Create new users on the target 
server, or ignore the users. 
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16.5 


16.5.1 


10b This is a global setting for all the users. Specify one of the following options to migrate users 
or ignore users. 


* Ignore All: Do not migrate the new users. Only existing users are migrated to the 
target server. 


* Create All: Create all users on the target server. 


10c (Optional) To specify settings for individuals and groups that override the global handling of 
user migration, click the user name, then assign one of the migration options from the drop- 
down menu: 


* Create: Create users on the target server and assign the trustee rights. 


The users are created on the target server that is using the same FDN as the source 
server. The search context is used only to match the source server users to the target 
server users in that context. 


* Ignore: Ignore the user and do not assign the trustee rights of the source user. 


* Browse: Assign an equivalent user by browsing the same context or a different 
context on the target server and assigning trustee rights. 


11 After you have finished configuring the parameters in each tab, click OK to save your file system 
migration setup and return to the main Migration window. 


12 Click Migrate on the main migration window to begin the migration. 


The log files for the file system are located at /var/opt/novell/migration/«project name»/log. 
The following log files are created during file system migration: 


filesystem.log: This stores the information about the command sequence and errors encountered 
during migration. 


filesystem.success.log: This stores the list of all successfully migrated files. 


filesystem.delete.log: This stores a list of files deleted from the target server that are not available 
on the source server when performing the sync. This log file is updated with the list of deleted files, if 
you have selected the option Delete Files Not On Source in the File Options tab. 


Synchronizing the File System Using the 
Migration GUI 


When performing synchronization, the service details (data, trustee, and so forth) on the target server 
are compared with the source server and the updated information is migrated to the target server. You 
can perform synchronization in the following two scenarios: 

* Section 16.5.1, "Same Tree," on page 109 


* Section 16.5.2, "Different Tree," on page 110 


Same Tree 


After a successful migration, you are ready to perform synchronization for any new or modified files or 
trustee rights. 
1 Launch the Migration Tool on the target server. 
2 Open the migration project for which you need to perform synchronization. 
The status of the file system is “Migrated on «Date and Time of successful migration>”. 


3 Authenticate the source server and target server. 
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4 (Conditional) You can modify only a few options for the file system. In the Services to Migrate 
panel, select File System, then click Configure. In the File system GUI, File Options tab only the 
Duplicate File Resolution, Login Options, and Sync Options are enabled and can be modified. 


5 |n the main Migration Tool GUI, click Sync. 


All the new or modified files or trustee rights on the source server are migrated to the target 
server. 


16.5.2 Different Tree 


After a successful migration, you are ready to perform synchronization for any new or modified files or 
trustee rights. 
1 Launch the Migration Tool from the target server. 
2 Open the migration project for which you need to perform synchronization. 
The status of the file system is “Migrated on «Date and Time of successful migration>”. 
3 Authenticate the source server and target server. 


In the File system GUI, File Options tab only the Duplicate File Resolution, Login Options, and 
Sync Options are enabled and can be modified. 


3a (Conditional) In the Trustees Options tab, if you have selected the Custom User Mapping 
option, you must remap the users on the source volume with the users on the target volume 
in the Match User Options tab. 


4 In the main Migration Tool GUI, click Sync. 


All the new or modified files or trustee rights on the source server are migrated to the target 
server. 


16.6 Migrating the File System Using Command Line 
Utilities 
This section provides information on how to use the command line to migrate a file system running on 
NetWare, OES 1 Linux, OES 2 Linux, or OES 11 to OES 11. 


NOTE: All the migration commands must be run on the target server. 


This section covers the following scenarios: 


* Section 16.6.1, "Migrating Data to a Server in the Same Tree," on page 111 
* Section 16.6.2, "Migrating Data to a Server in a Different Tree," on page 112 
* Section 16.6.3, "Migrating Data to a POSIX File System," on page 117 

* Section 16.6.4, "File System Migration Commands," on page 119 

¢ Section 16.6.5, “Additional Migration Options,” on page 133 
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16.6.1 Migrating Data to a Server in the Same Tree 


This section describes how to migrate file system data from a NetWare, OES 1 Linux, OES 2 Linux, or 
OES 11 server to an OES 11 server in the same eDirectory tree. 


* "Migrating the Data" on page 111 


* "Examples" on page 111 


* "Limitations" on page 112 


Migrating the Data 


The migfiles command migrates files and directories. If you need to modify the home directories of 
the migrated users, you also need to use mls, maptrustees, and migtrustees. 


1 (Conditional) If you need to modify the home directories of the migrated users, run the following 
command: 


mls 
2 Run the migfiles command to copy the data from the source server to the target server. 


3 (Conditional) If you need to modify the home directories of the migrated users, run the following 
commands in the order specified: 


maptrustees 


migtrustees 


Examples 


The following examples illustrate ways to use the various options available for the migration 
commands. 


* "Volume-to-Volume Migration" on page 111 
* "Directory-to-Directory Migration" on page 111 
* "Volume-to-Directory Migration (NSS Volume to NCP Directory)" on page 112 


+ “Remapping Home Directories" on page 112 


Volume-to-Volume Migration 


This command migrates all data from the Traditional or NSS volume SRCVOL1 on the source server 
with the IP address 192.168.1.3 to the target server's TGTVOL1 volume with verbose output: 


migfiles -s 192.168.1.3 -V SRCVOL1 -v TGTVOL1 -i 


Directory-to-Directory Migration 


This command migrates data from the Traditional or NSS path DATA: impstuff on the source server 
with the IP address 192.168.1.3 to the stu££ directory on the NSS volume NSS1 with verbose output: 


migfiles -s 192.168.1.3 -V DATA:impstuff -x /media/nss/NSS1/stuff -i 
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Volume-to-Directory Migration (NSS Volume to NCP Directory) 


This command migrates data from the Traditional or NSS volume named DATA on the source server 
with the IP address 192.168.1.3 to the newdir directory on the NCP volume NCP1 located at path / 
data/ncp1 without verbose output: 


migfiles -s 192.168.1.3 -V DATA -x /data/ncpl/newdir 


Remapping Home Directories 


These commands migrate the VOL1 volume on the source server 192.168.1.3 to the VOL1 volume 
on the target server 192.168.1.4. The -H option in the maptrustees command is used to remap the 
home directories of the users to the target server. 
1 Create a list of files and associated rights on the source volume: 
mls -s 192.168.1.3 -V VOL1 > mls.yaml 
2 Copy the data from the source volume to the target volume: 
migfiles -s 192.168.1.3 -V VOL -x /media/nss/VOL1 -i 
3 Map the trustees and home directories from the source server to the target server: 


maptrustees -s 192.168.1.3 -H /media/nss/VOL1/users/--map-homedir-only 
mls.yaml> maptrustees.yaml 


The -H option is a path to the base directory that includes all the home directories. 
4 Migrate the information generated in the previous step: 


migtrustees -d 192.168.1.4 -m maptrustees.yaml 


Limitations 


If you have user space restrictions set on a source NSS volume, the restrictions are migrated to target 
NSS volumes if you do a full volume migration. 


16.6.2 Migrating Data to a Server in a Different Tree 


When the source server and target servers are in different eDirectory trees, your file system user and 
group trustees must be migrated from the source tree to the target tree, along with their associated 
data. The maptrustees and migtrustees commands are used to migrate users and groups 
assigned as trustees in the source tree to the target tree. Alternatively, you can use Identity Manager 
to migrate the eDirectory users and groups, and then use the migmatchup command to match the 
user from the source server to the target server. Use the maprights and migrights commands only 
if the user and the group structure has changed during the migration. 


+ “Migrating the Data" on page 113 
* "Examples" on page 113 


* "Limitations" on page 116 
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Migrating the Data 


The main command to use is migfiles. To map the trustees (users and groups) from the source tree 
to the target tree, you need to use mls, maptrustees, and migtrustees. If you are reorganizing the 
trustees (migrating to a different context), you also need to use mls, maprights, and migrights to 
map the trustee rights. 


To migrate the data from a source NetWare server or OES server in one eDirectory tree to the target 
Linux server in another tree: 


1 You can either migrate the source server trustees to the target server or map the source server 
trustees with the target server. 
* To migrate the trustees, run the following commands in the order shown: 


mis 
maptrustees 
migtrustees 


* To map the trustees, run the following commands in the order shown: 
mls 
migmatchup 
2 Run the migfiles command to copy the data from the source to the target server. 


3 (Conditional) If you are migrating users and groups to a different context or matching the user 
with a different name, run the following commands in the order shown: 


maprights 
migrights 


Examples 


* "Tree-to-Tree Migration Using the Migration Tool to Migrate Trustees" on page 113 


* "Tree-to-Tree Migration Using the Migration Tool to Migrate Trustees and Flatten the Trustee 
Structure" on page 114 


* "Tree-to-Tree Migration with Trustees Already Migrated to the New Tree and Reorganized in the 
New Tree." on page 115 


Tree-to-Tree Migration Using the Migration Tool to Migrate Trustees 


The following example shows how to migrate data from a source NetWare server in one tree to a 
target OES 11 server in another tree. In this example, the target volumes are NSS volumes, and the 
users are to be migrated to the same context in the target tree. 


1 Create a list of files and trustees on volume V1 on the source server with IP address 
192.168.1.3: 
mls -s 192.168.1.3 -V V1 » mls.yaml 

2 Map the trustees on the source server and output the list to a file: 


maptrustees -s 192.168.1.3 -H /media/nss/VOL1/users/ mls.yaml > 
maptrustees.yaml 


The -H option replaces the home directory of the source server user with the new home directory 
specified by the -H option. The -H option is a path to the base directory that includes all the home 
directories. If the users don't have home directories, this option doesn't need to be used. 


3 Migrate the trustees to the target server: 


migtrustees -d 192.168.1.67 --specific-password novell maptrustees.yaml 
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If you want to assign each user a random password, use the - -random-password option; it 
stores the passwords in a file. To avoid password theft, dispose of the password file in a secure 
manner after you have communicated the new passwords to their respective users. 


(Conditional) When migrating to an NCP Linux volume, if you want to preserve file ownership in 
the target tree, you should LUM-enable the migrated users before continuing. For information 
about LUM-enabling users, see “LUM Implementation Suggestions" in the OES 11 SP3: 
Planning and Implementation Guide. 


Migrate the data from source volume V1 to target NSS volume VOL 1: 
migfiles -s 192.168.1.3 -V V1 -x /media/nss/VOL1/ -i 


After the users have been migrated (this only needs to be done once), additional data volumes 
can be migrated. Repeat Step 1 to Step 5 to migrate other volumes on the source server. 


Tree-to-Tree Migration Using the Migration Tool to Migrate Trustees and Flatten 
the Trustee Structure 


The maptrustees command includes a -k option that allows you to migrate users to a different 
context in the target tree. When you do this, the container hierarchy is flattened. 


For example, suppose your source eDirectory tree looks like the one shown in Figure 16-1. 


Figure 16-1 Source eDirectory Tree Structure 
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When the users are migrated to ou-test.o-novell, the resulting tree structure is shown in Figure 16-2. 


Figure 16-2 Target eDirectory Tree Structure 
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The following example shows how to migrate data from a source NetWare, OES 1 Linux, OES 2 
Linux, and OES 11 server in one tree to a target OES 11 server in another tree. In this example, the 
target volumes are NCP Linux volumes and the new user context is ou=new-context . o-company. 


1 Create a list of files and trustees on volume SRCVOL on the source server with IP address 
192.168.1.3: 
mls -s 192.168.1.3 -V SRCVOL » mls.yaml 

2 Map the trustees on the source server and output the list to a file: 


maptrustees -s 192.168.1.3 -H /usr/novell/NCP1/homes/ -k 'ou-new- 
context,o-company' mls.yaml » maptrustees.yaml 


The -H option replaces the home directory of the source server user with the new home directory 
specified by the -H option. The -H option is a path to the base directory that includes all the home 
directories. If the users don't have home directories, this option doesn't need to be used. 


3 Migrate the trustees to the target server: 
migtrustees -d 192.168.1.67 --specific-password novell maptrustees.yaml 


If you want to assign each user a random password, use the - -random-password option; it 
stores the passwords in a file. To avoid password theft, dispose of the password file in a secure 
manner after you have communicated the new passwords to their respective users. 


4 (Conditional) When migrating to an NCP Linux volume, if you want to preserve file ownership in 
the target tree, you should LUM-enable the migrated users before continuing. For more 
information about LUM-enabling users, see “LUM Implementation Suggestions" in the OES 11 
SP3: Planning and Implementation Guide. 


5 Migrate the data from source volume SRCVOL to target NCP Linux volume NCP1: 
migfiles -s 192.168.1.3 -V SRCVOL -x /usr/novell/NCP1/ -i --no-trustees 


After the users have been migrated (this only needs to be done once), various data volumes can 
be migrated. Repeat Step 1 to Step 5 to migrate other volumes on the source server. 


6 Map the trustee rights on the source server: 


maprights -V SRCVOL -k ou-new-context,o-company -x /usr/novell/NCP1/ mls.yaml » 
maprights.yaml 


7 Migrate the trustee rights to the target server: 
migrights -i maprights.yaml 


Repeat Step 1, Step 6, and Step 7 to migrate trustee rights for each source volume being 
migrated. 


Tree-to-Tree Migration with Trustees Already Migrated to the New Tree and 
Reorganized in the New Tree. 


The following example shows how to migrate data from a source NetWare server in one tree to a 
target OES 11 server in another tree. In this example, the target volume is an NSS volume, and the 
users have already been migrated by using tools like Novell Identity Manager so that they now reside 
in different contexts in the target tree. In this example, the Migration Tool is used only to migrate the 
data and map the trustees correctly. 


1 Create a list of files and trustees on volume V1 on the source server with IP address 
192.168.1.3: 


mls -s 192.168.1.3 -V V1 » mls.yaml 


2 Match the users on the source server to the users on the target server: 
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migmatchup -s 192.168.1.3 -d 192.168.1.67 -k 'ou-re-org,o-company' mls.yaml > 
migmatchup.yaml 


migmatchup searches for the trustees in their source context. If it doesn't find a matching trustee, 
it searches the container specified with the -k option recursively and matches the first trustee 
with the same name. If the trustee with the same name is not found, it is not matched. 


If the trustee name is changed, then the output of migmatchup can be edited so that each source 
trustee is mapped to the corresponding user on the target tree. 


3 (Conditional) When you are migrating to an NCP Linux volume, if you want to preserve file 
ownership in the target tree, you should LUM-enable the migrated users before continuing. For 
more information about LUM-enabling users, see "LUM Implementation Suggestions" in the OES 
11 SP3: Planning and Implementation Guide. 


4 Migrate the data from source volume SRCVOL to target NSS volume TGTVOL: 
migfiles -s 192.168.1.3 -V SRCVOL -x /media/nss/TGTVOL/ -i --no-trustees 


After the users have been migrated (this only needs to be done once), various data volumes can 
be migrated. Repeat Step 1 to Step 4 migrate other volumes on the source server. 


5 Map the trustee rights on the source server: 


maprights -V SRCVOL --matchup-file migmatchup.yaml -x /media/nss/TGTVOL/ 
mls.yaml » maprights.yaml 


6 Migrate the trustee rights to the target server: 
migrights -i maprights.yaml 


Repeat Step 5 and Step 6 to migrate trustee rights for each source volume being migrated. 


Limitations 


Be aware of the following limitations when performing tree-to-tree migrations: 


* If users have home directories on a volume that is migrated, the Home Directory attribute is 
changed only for users who are assigned as trustees or who belong to the groups that are 
assigned as trustees. 


+ Ifthe maptrustees and migtrustees commands are used to migrate the users, the following 
User Object attributes are migrated: 


* Common Name (CN) 

* Country 

* Description (description) 

* E-mail Address (mail) 

* Fax Number (facsimileTelephoneNumber) 
* Full Name (fullName) 

* Generational Qualifier (generationQualifier) 
* Given Name (givenName) 

* Initials (initials) 

* Language (Language) 

* Locality Name (I) 

+ Lockout After Detection (lockedByIntruder) 
* Login Allowed Time (loginAllowedTimeMap) 
* Login Disabled (loginDisabled) 
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* When LUM-enabled users are migrated to a new tree, they are no longer LUM-enabled. 


* 


* 


Login Expiration Time (loginExpirationTime) 

Login Grace Limit (loginGraceLimit) 

Login Grace Remaining (loginGraceRemaining) 

Login Intruder Limit (loginIntruderAttempts) 

Login Maximum Simultaneous (loginMaximumSimultaneous) 
Login Script (loginScript) 

Network Address Restriction (networkAddressRestriction) 
Organizational Name (o) 

Organizational Unit Name (ou) 

Password Allow Change (passwordAllowChange) 
Password Expiration Interval (passwordExpirationInterval) 
Password Expiration Time (passwordExpirationTime) 
Password Minimum Length (passwordMinimumLength) 
Password Required (passwordRequired) 

Password Unique Required (passwordUniqueRequired) 
Physical Delivery Office Name (physicalDeliveryOfficeName) 
Post Office Box (postOfficeBox) 

Postal Address (postalAddress) 

Postal Code (postalCode) 

State or Province Name (st) 

Street Address (street) 

Surname (sn) 

Telephone Number (telephoneNumber) 

Title (title) 


Migrating Data to a POSIX File System 


This section provides information on migrating data from NetWare, OES 1 Linux, OES 2 Linux, or 
OES 11 NSS volumes to a POSIX file system such as EXT3 or Reiser on a target OES 11 server. 


* "Mapping Users, Groups, and File Attributes to POSIX" on page 117 


* "Example" on page 118 


* "Limitations" on page 119 


Mapping Users, Groups, and File Attributes to POSIX 


In this type of migration, eDirectory users and groups are migrated to POSIX. The useradd and 
groupadd commands are used to create the POSIX users and groups corresponding to their 
eDirectory equivalents, and the NetWare file attributes are mapped to the POSIX rwx permissions. 


Objects in eDirectory with an objectClass of Organization, groupOfNames, or organizationUnit are 
mapped to POSIX groups. Those with objectClass organizationalPerson are mapped to POSIX 


users. 
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Because POSIX user and group names are more restrictive than eDirectory object names, the 
following conventions are used to map the common name (cn) of the objects to POSIX: 


* Names with 32 or more characters are truncated to 31 characters in length. 


* Characters not belonging to the POSIX portable character class ([A-Za-z ] [A-Za-zO-9 -.] * [A- 
Za-z0-9 -.$]) are replaced by an underscore (. ) character. 


For more information about POSIX names, see the man page for the useradd command. 


NetWare file attributes are mapped as shown in Table 16-1. 


Table 16-1 Mapping NetWare Attributes to POSIX Permissions 


NetWare Attribute POSIX Permissions 


No attributes set rw 


Read Only and Hidden 


Read Only x 


Hidden w 


For directories, the execute bit for the owner is set. 


NOTE: These mappings are based on NetWare attributes, not trustee rights. Administrators should 
evaluate the post-migration POSIX permissions and make adjustments as necessary to maintain 
suitable data security for users. 


1 Run the migfiles command to copy the data from the source to the target server. 


2 (Conditional) If you need to modify the home directories of the migrated users, run the following 
three commands in the order specified: 


mls 
maptrustees 
migtrustees 


3 Run the following commands in the order shown: 


mls 
maprights 
migrights 


Example 


The following example shows how to migrate data to a POSIX file system. 


1 Create a list of files and trustees on volume SRCVOL: 
mls -s 192.168.1.3 -V SRCVOL » mls.yaml 
2 Map the trustees on the source server and output the list to a file: 
maptrustees -s 192.168.1.3 -p -H /data/home/ mls.yaml » maptrustees.yaml 


The -H option replaces the home directory of the source server user with the new home directory 
specified by the -H option. The -H option is a path to the base directory that includes all the home 
directories. If the users don't have home directories, this option doesn't need to be used. 


3 Migrate the trustees to the target server: 
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migtrustees -p --specific-password novell maptrustees.yaml 


If you want to assign random passwords to users, use the - -random-password option; it stores 
the new passwords in an output file. To avoid password theft, dispose of the password file in a 
secure manner after you have communicated the new passwords to their respective users. 


4 Migrate the data from the volume SRCVOL on the source server with IP address 192.168.1.3 to 
the target POSIX path: 


migfiles -s 192.168.1.3 -V SRCVOL -x /path/to/copy --no-trustees -pi 
Substitute the desired target POSIX path for /path/to/copy. 


Users must be migrated before migrating data volumes. Repeat Step 1 to Step 3 for migrating 
trustees. 


5 Map the trustee rights on the source server: 


maprights -p -V SRCVOL1 -x /path/to/copy -m maptrustees.yaml mls.yaml > 
maprights.yaml 


6 Migrate the trustee rights to the target server: 
migrights -p maprights.yaml 


Repeat Step 4, Step 5, and Step 6 for each source volume being migrated. 


Limitations 


Sparse files are copied as normal files when migrated from NSS to POSIX. This is because of a 
known limitation from the POSIX perspective. Sparse files are generally supported on restore by 
restoring the data areas to sparse locations in the file system. The file system then determines 
whether or not to preserve the sparse nature of the file. POSIX file systems do not preserve the 
sparse nature of sparse files. 


File System Migration Commands 


The OES 11 Migration Tool includes several command line tools for file system migrations. Each tool 
performs a subtask of the migration by taking the required input and outputting the converted output 
or results to stdout. Table 16-2 lists the commands that are available for file system migrations. 


Table 16-2 File System Migration Commands 


Command Description 

mls Lists all files in a given NetWare, OES 1 Linux, OES 2 Linux, or OES 11 NSS path, with 
associated trustees, rights, and quotas. 

migmatchup Matches users and groups from the source server to the target server. 

maptrustees Maps users and groups from the source server to the target server specifications. 

migtrustees Creates users and groups on the target server based on the output generated by the 


maptrustees command. 


migfiles Copies files and folders from a source server to a target server. 

maprights Maps NetWare NSS/Traditional or OES NSS file system rights to OES 11 file system 
rights. 

migrights Sets file rights on the target server as defined by the output from the maprights 
command. 
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Command 


migcred 


Description 


Establishes persistent credentials for the migration utilities. 


The sections that follow discuss these commands and their options in greater detail. You can also 
refer to the respective man page for each command or use the -h (--help) and --usage options. 


mis 


The mls command lists files and associated trustees, rights, and quotas from NetWare, OES 1 Linux, 
OES 2 Linux, or OES 11 source servers. The output from this command is used as input for both 
maprights and maptrustees. 


To gather the required information for NetWare Traditional or NSS volumes, mls copies tenvinx.nlm 
to the NetWare server. To gather this information for OES 1 Linux, OES 2 Linux, or OES 11 NSS 
volumes, it uses the.trustee_database.xml file in the . NETWARE directory. 


Syntax 


mls -s -V|-X [--continue-after-failover] [-e] [-c] [--precheck] [--update-ifnewer] [--progress] [--progress- 
interval] [--use-casa] [--source-unsecure-ldap] [--source-Idap-port] [--debug] [--modified-after] [-- 
modified-before] [--accessed-after] [--accessed-before] [--no-dirquotas] [--no-userquotas] 


Options 


Option Long Form 


Purpose 


-s --source-server Specifies the source server's IP address. 
Example: -s 192.168.1.3 
-V --source-path Specifies the volume or directory path to use on the source server. 
Examples: -V NSSVOL 
-V VOL1:/apps/data 
-X --source-full- Indicates the full path of the volume to use on the source server. 
path 
--continue- Specifies that m1s continues migration after a resource failover. 
after-failover 
-e --exclude Excludes filter on files to be copied. Use this multiple times for excluding 
multiple file types (eg. -e "* . mp3" -e "* . tmp"). 
--use-casa Uses CASA to store and retrieve user names and passwords. 
--source- Uses unsecure LDAP connection for all LDAP calls. By default mls uses 


unsecure-ldap 


secure LDAP. 


--source-ldap- 
port 


Uses the specified port for LDAP calls. By default, it uses port number 389 for 
unsecure LDAP and 636 for secure LDAP. 
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zo --session-file These options are explained in the Additional Migration Options. 
--progress 


--progress- 
interval 


--debug 


--precheck 


--modified-after Scans files that are modified after this date. 


--modified- Scans files that are modified before this date. 
before 


--accessed-after Scans files that are accessed after this date. 


--accessed- Scans files that are accessed before this date. 
before 


--no-dirquotas Directory quota information is not listed. 


--no-userquotas User quota information is not listed. 


migmatchup 


The migmatchup command uses input from the m1s command to produce a mapping of users and 
groups from the source server to those on the target server. It uses 1dapsearch to retrieve the user 
and group data from the source and destination LDAP server. 


Objects can be excluded from migration by specifying them in the global /etc/opt/nove11/ 
migration/obj-exclude-list.conf file, or a custom exclude file can be specified using the -E 
option. The global exclude file has entries to not migrate a NetWare-specific user such as 
"cn-admin,ou-Tomcat-Roles,*". If a custom exclude file is specified, then the global exclude file is not 
read. 


Syntax 
migmatchup -s -d -k [-E] [-c] [--progress] [--progress-interval] [--debug] [-- 
precheck] [--use-casa] [--source-unsecure-ldap] [--source-ldap-port] [-- 
destination-unsecure-ldap] [--destination-ldap-port] «inputfile» 
Options 
Option Long Form Purpose 
-s --source-server Specifies the source server's IP address. 
-d --destination- Specifies the target server's IP address. 
server 
-k --destination-ldap- Options to specify LDAP container to be searched for finding matching 
container users and groups. 
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Option Long Form Purpose 
-E --obj-exclude-file Excludes the objects listed in this file from migration. The entries can 
contain a pattern with wild cards * and ?. Refer to the object exclude file 
/etc/opt/novell/migration/obj-exclude-list.conf for 
more information. 
=g --session-file These options are explained in the Additional Migration Options. 
- -progress 
--progress-interval 
- -debug 
--precheck 
--use-casa Uses CASA to store and retrieve user names and passwords. 
--source-unsecure- Uses unsecure LDAP connection for all LDAP calls. By default, 
ldap migfiles uses secure LDAP. 
--source-ldap-port Uses the specified port for LDAP calls. By default, it uses port number 
389 for unsecure LDAP and 636 for secure LDAP. 
--destination- Uses unsecure LDAP connection for all LDAP calls. By default, 
unsecure-ldap migfiles uses secure LDAP. 
--destination-ldap- Uses the specified port for LDAP calls. By default, it uses port number 
port 389 for unsecure LDAP and 636 for secure LDAP. 
inputfile Indicates the output file produced from the m1s command from stdin. 
Example 


This example illustrates matching users and groups from source server to a target server: 


migmatchup -s 192.168.1.3 -d 192.168.1.4 -k o=company mls.yaml 


maptrustees 


The maptrustees command maps the users and groups from the source server's tree or domain to 
the target server's specifications. It uses input from mls to produce and map user and group data 
from the source server. You must use maptrustees when migrating data to a different tree or when 
migrating users and groups to a different context. 


By default, maptrustees maps users and groups into a new target tree. The target file server should 
be in the same tree as the LDAP target server. You can use the -k option to map users and groups 
into a single target container. 


The maptrustees command can also be used to map users and groups to POSIX users and groups 
in /etc/passwd and /etc/group. It uses 1dapsearch to retrieve the user and group data from the 
source LDAP server. The source LDAP server should be in the same tree as the source file server 
that produced the mls output. 


Syntax 


maptrustees -s [-H] [--map-homedir-only] [-p] [-k] [--matchup-file] [-g] [-E] [-- 
use-casa] [--source-unsecure-ldap] [--source-ldap-port] [--debug] [--precheck] [- 
c] [--progress] [--progress-interval] «inputfile» 
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Option Long Name Purpose 


-s --source-server Specifies the source server’s IP address. 


Example: -s 192.168.1.3 


-H --homedir Specifies the path to the directory for migrating users’ home 
directories. This option is used to map users’ home directories to the 
new path on the target server. 


Example: -H /media/nss/nssvoll/homedir 


--map-homedir-only This option is used when source and destination servers are in the 
same tree. This option forces maptrustees to generate only the 
users' home directory information, so that migtrustees can modify 
only the users' home directories. You must also pass --homedir (-H) 
option along with this option. 


-p --posix Maps users and groups to /etc/passwd and /etc/group on the 
OES 11 server. The default is LDAP, if no mapping option is 
specified. 

-k --destination-ldap- Specifies the container where all users and groups are to be 

container migrated. 


Example: -k ou=merged, o=company 


--matchup-file Specify a user matchup file as generated by migmat chup. 


-g --primary-group Specifies the primary POSIX group for migrated users. If not 
specified, the default primary group is "users." 


Example: -g migrated-users 


The specified group must be created before you run the 
migtrustees command, because migtrustees does not create 
the group. 


--use-casa Uses CASA to store and retrieve user names and passwords. 


--source-unsecure-ldap Uses unsecure LDAP connection for all LDAP calls. By default, 
migfiles uses secure LDAP. 


--source-ldap-port Uses the specified port for LDAP calls. By default, it uses port 
number 389 for unsecure LDAP and 636 for secure LDAP. 


-E --obj-exclude-file Excludes from migration the objects listed in the specified file. 
Example: -E excludefile.txt 


If this option is used, the global exclude file is not read. See 
"Excluding Objects" on page 124 for more information. 


-G --session-file These options are explained in the Additional Migration Options. 
--progress 
--progress-interval 
- -debug 


--precheck 
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Option Long Name Purpose 


inputfile Indicates the output file produced from the mls command or from 
stdin. 


Examples 
* To map users and groups to the same container in the target tree as in the source tree: 
maptrustees -s 192.168.1.3 mls.yaml 
The example assumes that you have the same tree structure in the target tree as in the source 


tree. 


* To map users and groups to a new container in the target tree, using the output from the mls 
command: 


maptrustees -s 192.168.1.3 -k ou=merged,o=company mls.yaml 


A new container named ouzmerged,o-company is created in the target tree, and all migrated 
users and groups are created within that container. 


* To map users to /etc/passwd and /etc/group in a POSIX environment and redirecting the 
output to the maptrustess.yaml file: 


maptrustees -s 192.168.1.3 -p mls.yaml » maptrustees.yaml 


Excluding Objects 


When generating the list of users and groups to be mapped to the target tree, mapt rustees reads the 
obj-exclude-list.conf file in the /etc/opt/novell/migration/ directory and excludes the 
eDirectory objects listed in that file. 


The global exclude file includes entries for NetWare objects, such as cn=admin,ou=Tomcat-Roles. 


If you find that objects are being migrated from your source eDirectory tree that you do not want to 
appear in the target tree, you can add the objects to the obj -exclude-list.conf file. Use fully 
distinguished object names in LDAP (comma-delimited) format. For example: 


cn-testuser,ou-users,o-novell 


NOTE: NCP Server objects that are assigned as file system trustees are not migrated in a tree-to- 
tree migration. 


migtrustees 


The migtrustees command uses input from maptrustees to create users and groups in the target 
tree. It uses 1dapadd and 1dapmodify to make the changes on the target LDAP server. 


If the -p (- -posix) option has been specified in maptrustees, migtrustees uses useradd and 
groupadd to create users and groups in /etc/passwd and /etc/group. 


If the -g (--primary-group) option was specified in maptrustees, the specified group must already 
exist or it must be created before running migtrustees. 
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migtrustees -d [-i] [-A] [-m] [-p] [-r] [--use-casa] [--destination-unsecure-ldap] 
[--destination-ldap-port] [--debug] [--precheck] [-c] [--progress] [--progress- 
interval] [--specific-password] [--newusers-password-file] <inputfile> 


Options 
Option Long Form Purpose 
-d --destination-server  Specifies the target server's IP address (not needed for POSIX 
migrations). 
Example: -d 192.168.1.5 
-i --verbose Prints verbose information regarding the user and group migration 
status. 
-A --audit Audits the results of the user and group migration. 
-m --modify-existing Modifies or updates users or groups if they already exist. 
If you do not include the -m option, the migtrustees command 
displays user exists errors if a User object being migrated is 
already present in the target eDirectory tree. In this case, no 
modifications are made to the User object in the target tree. 
-p --posix Creates POSIX users and groups on the destination server. The default 
is LDAP. 
--use-casa Uses CASA to store and retrieve user names and passwords. 
--destination- Uses unsecure LDAP connection for all LDAP calls. By default, 
unsecure-ldap migfiles uses secure LDAP. 
--destination-ldap- Uses the specified port for LDAP calls. By default, it uses port number 
port 389 for unsecure LDAP and 636 for secure LDAP. 
-c --session-file These options are explained in the Additional Migration Options. 
--progress 
--progress-interval 
--debug 
--precheck 
-s --specific-password Specify the password for newly created users. You must note the 
password so that it can be forwarded to individual users. 
If the specific password or random password option is not specified, 
then the users are created but locked until you assign a password. 
-r --random-password Generate random passwords for new users created on the target 


server. When using this option, you must always pass the --newusers- 
password-file option so that the randomly generated passwords and 
user names are stored in the file. 
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--newusers-password- The newly created user names, along with passwords, are stored in the 
file file specified with this option. This option must be passed with the -- 
random-password option. 


If the specified file exists, nigtrustees appends the file; otherwise, it 
creates a new file with read-only permission. 


inputfile Indicates the output file produced from the mapt rustees command or 
from stdin. 


Examples 


* To migrate users and groups to a target tree, using an LDAP server with the IP address of 
192.168.1.4 in the target tree: 
migtrustees -d 192.168.1.4 -s novell maptrustees.yaml 

* To audit the outcome of a trustee migration: 
migtrustees -d 192.168.1.4 -A -s novell maptrustees.yaml 

* To migrate users and groups to POSIX with verbose information: 


migtrustees -i -p -s novell maptrustees.yaml 


migfiles 


The migfiles command copies files from NetWare Traditional or NSS volumes, OES 1 Linux NSS 
volumes, OES 2 Linux NSS volumes, or OES 11 NSS volumes to OES 11 NSS, NCP, or POSIX 
paths. It uses the Novell Storage Management Services (SMS) framework to migrate file data and 
metadata. 


When the migration is between two servers in the same eDirectory tree, migfiles copies the 
trustees and rights information along with the file data. When migrating data to a server in a different 
tree, migfiles copies only the file data. You must use other commands such as mls, maptrustees, 
migtrustees, maprights, and migrights to migrate the trustees and rights information. 


Syntax 

migfiles -s [-p] [-i] -v|-x -V|-X [--continue-after-failover] [--disable-login] [- 
P] [-e] [--exclude-path] [-c] [--no-trustees] [--trustees-only] [--delete- 
existing-trustees] [--use-casa] [--source-unsecure-ldap] [--source-ldap-port] [-- 
debug] [--precheck] [--progress] [--progress-interval] [--demigrate-files] [-- 
never-overwrite] [--update-ifnewer] [--modified-after] [--modified-before] [-- 
accessed-after] [--accessed-before] [--usecodeset] [--no-dirquotas] [--no- 
userquotas] [--sync] [--delete] [--delete-file-on-restore-error] [--ignore-quota- 
checking] [--trustees-dirs-only] 


General Options 


Option Long Form Purpose 


-S --source-server Specifies the source server's IP address. 


Example: -s 192.168.1.3 
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Option Long Form Purpose 
-p --posix Specifies that the target is a POSIX path. (If not specified, the default 
target type is NCP over POSIX.) 
-i --verbose Prints verbose file migration status. 
-V --source-path Specifies the source path, in VOLNAME or VOLNAME:/path format. 
Example: -V NSSVOL -V VOL:apps/data -V winshare 
@srcpathfile Specifies the source file that includes multiple source paths and is 
prefixed with a symbol (@). 
Example: -V @srcpathfile 
-v --destination-path Specifies the volume on the target server where the files are copied. 
This option cannot be used with the -x option. 
Example: -v VOL1 
-X --destination-full- Specifies the target path for copying NSS, NCP, or POSIX data. This 
path option cannot be used with the -v option. 
Example: -x /media/nss/TEST 
@destpathfile Specifies the target file that includes corresponding target paths and is 
prefixed with a symbol (@). 
Example: -x @destpathfile 
-X --source-full-path Specifies the source path for copying NSS, NCP, or POSIX data. This 
option cannot be used with the -V option. 
Example: -X /media/nss/TEST 
--continue-after- Specifies that migfiles continue migration after a resource failover. 
failover 
--disable-login New logins to source server are disabled during data migration. 
--never-overwrite Do not overwrite files that already exist on the target server. 
-e --exclude Sets an exclude filter on files to be copied. Use this option multiple 


times to exclude multiple file types. 


Example: -e "*.mp3" -e "*.tmp" 


--exclude-path 


Excludes the directory with the specified source path from migration. 
Use this multiple times for excluding multiple directories or files. 


--use-casa 


Uses CASA to store and retrieve user names and passwords. 


--Source-unsecure- 
ldap 


Uses unsecure LDAP connection for all LDAP calls. By default, 
migfiles uses secure LDAP. 


--source-ldap-port 


Uses the specified port for LDAP calls. By default, it uses port number 
389 for unsecure LDAP and 636 for secure LDAP. 
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Purpose 


-c --session-file These options are explained in the Additional Migration Options. 
- -progress 
--progress-interval 
- -debug 
--precheck 
--no-trustees Do not migrate trustees. 
--trustees-only Migrate only the trustees. New trustees added to the source server are 
migrated to the target server. 
--delete-existing- Trustees that do not exist on the source server are deleted from the 
trustees target server. You must use this option with the --trustees-only 
option. 
--demigrate-files Migrates the data of HSM migrated files. By default, only stubs are 
migrated. 
--update-ifnewer Updates the file on the target server with the new data from the file on 
the source server. 
-u --modified-after Migrates files that are modified after this date. 


--modified-before 


Migrates files that are modified before this date. 


--accessed-after 


Migrates files that are accessed after this date. 


--accessed-before 


--usecodeset 


--no-dirquotas 


Migrates files that are accessed before this date. 


Code page value of the source server. This option is applicable only 
for NetWare 5.1 server. 


Do not migrate directory quotas. 


--no-userquotas 


Do not migrate user quotas. 


--sync Synchronizes the source server and target server. Migrates files from 
the source server that are not available on the target server or is 
modified after the date given. 

--delete Synchronizes the source server and target server. You must use this 


option with the - -sync option. Files that do not exist on the source 
server are deleted from the target server. 


--delete-file-on- 
restore-error 


Deletes partially restored or O byte files that are created during 
synchronization. 


--ignore-quota- 
checking 


Disables quota checking on the target server. When migration is 
completed, migfiles enables quota checking. 


--trustees-dirs-only 


Synchronizes trustees only at the directory level. Trustees for files are 
not synchronized. This option must be used only with the - - 
trustees-only option or with the sync options. 


NetWare to Linux Migration Options 


The following options can be used only in NetWare-to-Linux migrations. 
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-C --session-file Stores the migration's progress, including the date and time of the 
migration, the source and target IP addresses, and the source and 
target volume names, in the specified session file. 


Example: -c "status.log" 


This file can be used to resume a previously halted migration job. If an 
absolute or relative path is not specified with the file name, migfiles 
searches the current working directory for the file. If the specified file 
does not exist, all files are migrated. See "Multi-Session Migration" on 
page 130 for more information. 


-u --update Migrates files newer than the date specified with this option. See 
"Updating Modified Files" on page 130 for more information. 


This option supports date/time inputs in the following formats: 
"Sd-Sm-SY $H:$M:$S" 
"$Sd-£m-$Y %H:%M" 


where d, m, Y, H, M, and S are format variables of standard Linux date/ 
time implementations. The supported formats can be extended by 
using the DATEMSK environment variable. The DATEMSK 
environment variable must be sent to the file path pointing to the date/ 
time formats to support. See getdate(1) and strptime(3) for more 
information on using DATEMSK. 


--no-trustees Excludes trustees while migrating file system data. 

--demigrate files Migrates the data of HSM-migrated files. By default, only stubs are 
migrated. 

--update-ifnewer Updates the file if the file on the source server is newer than the file on 


the target server. This option is applicable only for data migration. 


Multiple Source Path Migration 


This command migrates the source paths listed in the source file srcpathfile to corresponding 
target paths listed in the target file destpathfile. Pass the srcpathfile with -V and destpathfile 
with -x option prefixed with a symbol (@). The sample IP address is 192.168.1.3 of the source server. 


Source Paths in srcpathfile Target Paths in destpathfile 
DATA:DEPT/finance /media/nss/DATA/finance 
DATA:DEPT/legal /media/nss/DATA/legal 


migfiles -s 192.168.1.3 -V @srcpathfile -x @destpathfile -i 


Progress Indicator 


While the migfiles command is running (without the -i option), a pound (#) character is displayed 
for every 100 files migrated. 
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Multi-Session Migration 


The -c or --session-file option of the migfiles command allows you to stop the migration 
partway through and then continue it later from where it left off. This is especially useful when 
migrating large data volumes that might take several working days to copy and that must remain 
online during the migration. 


For example, the following command stores the migration's progress and other metadata in a session 
file named vi-to-vi 090907: 


migfiles -s 192.168.1.3 -v VOL1 -V VOL1 -ni -c "V1-to-V1 090907" 


To terminate the migration session at any time, press CtrltC. You can resume the session later by re- 
entering the migfiles command by passing the same session file, vi-to-v1 090907. 


Updating Modified Files 


Another useful option for the migfiles command is the -u or - -update option. This option lets you 
specify a date and time, then migfiles copies only files that have been modified after this date and 
time. This option must be used after completing a multi-session migration described above to update 
all the files modified by users during the migration. The session file contains the date and time at 
which the migration started. 


For example, the following command updates all the files on the target volume that have been 
modified at the source after 9 September 2014 at 12:30: 


migfiles -s 192.168.1.3 -v V1 -V V1 -ni -u "9-09-2014 12:30" 


maprights 


The maprights command gleans file system rights information from the mls output and maps the 
rights to a specified volume or path on the OES 11 target server. You can specify a mapping to NSS, 
NCP, or POSIX rights. 


If the target server is in a different tree and users and groups are in new containers, you can use the 
-k option to migrate the users and groups into a specified container in the target eDirectory tree. 


Syntax 

maprights -V [-p] -v|-x [-k] [--matchup-file] [-m] [--debug] [--precheck] [-c] [-- 

progress] [--progress-interval] «inputfile» 

Options 

Option Long Form Purpose 

-V --source-path Specifies the volume or directory path to use on the source server. 
Examples: -V NSSVOL 
-V VOL1:/apps/data 

-p --posix Maps user rights to POSIX file system access rights. 

-v --destination- Specifies the volume on the OES 11 target server where the rights 

path information is mapped. This option cannot be used with the -x option. 


Example: -v NSSVOL 
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Option Long Form Purpose 


-X --destination- Specifies the volume path on the OES 11 target server where the rights 
full-path information is mapped. You must use -x in maprights if you used -x in 
migfiles. 
-k --destination- Specifies an eDirectory container where all users and groups are to be 
ldap-container migrated. You must use -k in maprights, if you used -k in maptrustees. 


Example: -k ou=users,o=company 


--matchup-file Specify a user matchup file as generated by migmatchup. 
-m --maptrustees- Specifies the name of the mapt rustees file associated with this maprights 
file migration (required for POSIX rights mapping). 


Example: -m maptrustees.yaml 


inputfile Indicates the name of the output file produced from the mls command or from 
stdin. 


=¢ --session-file These options are explained in the Additional Migration Options. 
--progress 


--progress- 
interval 


--debug 


--precheck 


migrights 
The migrights command uses input from maprights to set file rights on the target server. All details 


for setting rights are stated in the input file. migrights uses this information to set the rights 
appropriately on the target file system. 


Syntax 


migrights [-i] [-A] [-t] [-p] [--debug] [--precheck] [-c] [--progress] [--progress- 
interval] <inputfile> 
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Options 


Option Long Form Purpose 

-i --verbose Prints verbose rights migration status. 

-A --audit Audits the results of the file rights migration. 

-t --test Performs a test run of the rights migration operation. 

-p --posix Indicates that the destination path is POSIX. 

-C --session-file These options are explained in the Additional Migration Options. 
- -progress 


--progress-interval 


- -debug 
--precheck 
inputfile Indicates the output file produced by the maprights or from stdin. 
- -debug Prints debug messages to the migrights log file located at /var/ 
opt/novell/log/migration/. 
Examples 


* To set rights on the target file system with verbose output: 
migrights -i maprights.yaml 

* To audit the outcome after setting rights on the target file system: 
migrights -i -A maprights.yaml 


* To perform a test run with the output from maprights and see if the files and users exist in the 
target tree (the test results are being directed to migrights-t.yaml) 


migrights -i maprights.yaml -t » migrights-t.yaml 


migcred 


The migcred command can be used to store, retrieve, and delete persistent credentials for the other 
file system migration commands. It uses CASA to store credential details of an identity. A migcred 
identity can be a server IP address. With each identity, a type of user name (for example, LDAP, NDS 
Distinguished Name, or email name) is stored along with an associated password. 


Syntax 


migcred -i -1|-n|-N|-c|-o|-e [-w] [-r] [-d] [--debug] 


Options 
Option Long Form Purpose 
-i --id Specifies the identity or key to identify the credential. 


Example: -i 192.168.1.3 
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Option Long Form Purpose 

-1 --ldap-dn Specifies credential details in LDAP format. 
Example: -1 cn=admin, o=company 

-n --nds-dn Specifies credential details in NDS DN format. 
Example: -n admin.company 

-N --nds-fdn Specifies credential details in NDS FDN format. 
Example: -N cn=admin.o=company 

-c --cn Specifies credential details in Common Name (CN) format. 
Example: -c John Smith 

-0 --other Specifies credential details in a non-specified format. 

-e --email Specifies credential details as an email address. 
Example: -e admin@company.com 

[-w] [--password] Retrieves a stored password. 

[-r] [--retrieve] Retrieves credential details of an identity. 

[-d] [--delete] Deletes the credentials of an identity. 

[--debug] Print debug messages to the migcred log file. The log file is located at /var/ 

opt/novell/log/migration/ 

Examples 


* This example illustrates storing the credential details of identity 192.168.1.3 in LDAP format. The 
command prompts for credential details, which should be entered in LDAP format 
(cn=admin,o=mycompany): 
migcred -i 192.168.1.3 -1 

* This example illustrates retrieving credentials after they have been stored: 
migcred -i 192.168.1.3 -1 -r 

* This example illustrates deleting credential details of identity 192.168.1.3: 
migcred -i 192.168.1.3 -d 


Additional Migration Options 


The OES 11 Migration Tool provides additional options to be executed with file system migration 
utilities. 


You can execute these commands with file system migration utilities. Table 16-3 lists the additional 
options that are available for file system migrations. 


Table 16-3 Additional Migration Options with File System Commands 


Option Description 


--session-file Stores migration progress. This file is used to continue the migration. 
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Option Description 


--progress Displays the progress (in terms of percentage) of the command being 
executed. 

--progress-interval Specifies the time interval for displaying the progress of a command. 

--debug Executes the command in a debug mode and creates a log file. 

--precheck Validates the arguments passed in a command. 


Session File 


A session file stores the status of a command, checkpoint information of a command (the point at 
which the execution of command was stopped), and parameters for validating the session file. You 
can create a session file by executing a command with the --session- file option. 


For example, to create a session file for the mig£iles command: 


migfiles -s 192.168.1.3 -iV src volume -v dest volume --session-file /home/ 
migfiles session.session 


This command migrates data from the source NSS volume src volume to the target NSS volume 
dest volume. You can stop the command and re-execute it at a later stage. On executing the 
command at a later stage, the mig£iles session.session file is taken as an input and the 
migfiles command starts at the point when it was last stopped. 


For example, your source volume contains 50 GB of data and after migrating 40 GB of data, migration 
was stopped. On re-executing the mig£iles command, the remaining 10 GB of data is migrated. 


Sample Session File: 


Src-server: 192.168.1.3 
dest-server: 192.65.1.2 
src-path: "DFS:" 

dest-path: "/media/nss/VOL1/" 
started-on: "18-7-2008 16:8:15" 
status: stopped 

stopped-at: "DFS:db/" 

Bytes Processed: 22 


Progress 


The --progress command can be executed with any command to display the progress of the 
command being executed. 


To view progress on executing the migtrustees command: 
migtrustees -d 192.168.1.3 maptrustees.yaml -i --progress 
Output of the command: 


Created 200 trustees of 500 


When you execute the migtrustees command with the --progress option, it displays the progress 
of trustee creation. You can set the time to display the progress by specifying the --progress- 
interval option. 
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Progress Interval 


The --progress-interval option is used along with the --progress option to specify the time 
interval for displaying the progress of a command. The default time interval is 30 seconds for 
refreshing the progress of a command. 


To view progress every 10 seconds on executing the migtrustees command: 
migtrustees -d 192.168.1.3 maptrustees.yaml -i --progress --progress-interval 10 


The migtrustees command refreshes the progress every 10 seconds. 


Debug 


The --debug option executes the command in debug mode and creates a log file in the /var/opt/ 
novell/log/migration folder. 


To execute the mls command in debug mode: 
mls -s 192.168.1.3 -V src volume --debug 


This command creates an m1s . 10g file that is stored in the /var/opt/novell/log/migration folder. 


Precheck 


The --precheck option validates the arguments passed in a command. 
To execute the migfiles command: 
migfiles -s 192.165.1.1 -iV src volume -v dest volume --precheck 


On executing this command, the - -precheck option validates the existence of the src volume and 
dest volume on the source server and the target server. The command authenticates to the source 
server and target server, and also verifies whether SMS is running on the target server. 


16.7 Troubleshooting 


* Section 16.7.1, “Same Tree Scenario," on page 135 
* Section 16.7.2, "Different Tree Scenario," on page 136 


* Section 16.7.3, “General Issues," on page 137 


16.7.1 Same Tree Scenario 


* "The Migration Tool File System GUI, Volume Information Tab Displays Empty Boxes for Non- 
English Directory Names." on page 136 


* "Error nbackup: open file" on page 136 
* "Error nbackup: execute only files" on page 136 
* "Error nbackup: A file cannot be read and nbackup: Failed to read dataset" on page 136 
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16.7.2 


The Migration Tool File System GUI, Volume Information Tab 
Displays Empty Boxes for Non-English Directory Names. 


In the Migration Tool file system GUI, the Volume Information tab displays empty boxes for non- 
English directory names.This issue occurs if the corresponding language is not installed on the 
Source server. 


To install fonts for non-English languages, run yast2 language, then select languages in the 
Secondary Languages pane. After installing the required languages, restart the migration project. 


Error nbackup: open file 


Open files on the source server are not migrated. If files are open, they are not migrated because this 
causes data inconsistencies. 


Close the files and then perform the migration. 


Error nbackup: execute only files 


nbackup encountered files with the Execute-only bit set. By default, these files are not copied. 


If you want to copy the Execute-only files, use the tsa£s /ExcludeExecuteOnly=0 setting on the 
source NetWare server. 


Error nbackup: A file cannot be read and nbackup: Failed to read 
dataset 


Source volumes or the target volumes are unavailable or are renamed during migration. 


Do not rename volumes when migration is in progress. If migration stops because a volume is 
unavailable, ensure that the volume is properly activated and mounted, then restart the migration 
project. 


Different Tree Scenario 


* "Ownership Information Is Changed when Migrating from NSS to NCP" on page 136 


Ownership Information Is Changed when Migrating from NSS to NCP 


If the ownership information is changed when migrating from NSS to NCP, ensure that you LUM- 
enable the users that are migrated into the target eDirectory tree before you run the migfiles 
command. 


If you LUM-enabled the users that were migrated into the target eDirectory tree and still don't see the 
proper ownership information (for example, the owner is nobody as viewed in POSIX, or the server 
name as viewed by the Novell Client), try the following: 

1 At the OES 11 server terminal prompt, enter namcd cache refresh. 

2 Synchronize the eDirectory replicas by using DSREPAIR. 

3 Enter nsscon /resetidcache. 

4 To verify the information of the owner, enter: 

ls -1 /usr/novell/NCP1 
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16.7.3 General Issues 


* "Migration GUI Throws Java Null Pointer Exception on Completion of File System Migration or 
Sync" on page 137 


* "File System Migration Fails with EATAL error: nbackup command failed to complete" on 
page 137 


* "File System Migration Fails When TSAFS Is Set to Netware Mode on a OES 11 Server" on 
page 137 


* "When You Configure the File System GUI, an Error Is Displayed that the Volumes on the 
Source Server (NetWare 6.0 or Later) Are Not Mapped" on page 137 


* "When You Start Migration, an Error Is Displayed and Migration Fails" on page 138 
* "Migration Fails Due to Failure of the migtrustees Command" on page 139 

* "Not Getting the Code Page and Non-English Characters" on page 139 

* "Source Cluster Volumes Are Not Displayed" on page 140 


* "Files or Trustees Are Not Synchronized" on page 140 


Migration GUI Throws Java Null Pointer Exception on Completion of 
File System Migration or Sync 


The java null pointer exception has no impact on the functionality, you can ignore this exception. 


File System Migration Fails with FATAL error: nbackup command 
failed to complete 


There might be two admin users in the system (local admin user and eDirectory admin user). The 
failure was caused because the local admin user, which does not have permission, was trying to 
perform file system migration. 


To resolve this issue, delete or rename the local admin user, then perform file system migration. 


File System Migration Fails When TSAFS Is Set to Netware Mode on 
a OES 11 Server 


To resolve this issue, set the parameter tsamode to Linux in the /etc/opt/novell/sms/tsafs.conf 
file. 


When You Configure the File System GUI, an Error Is Displayed that 
the Volumes on the Source Server (NetWare 6.0 or Later) Are Not 
Mapped 


If the Novell Client fails, the volumes on the source server are not mapped. The file system migration 
does not depend on the Novell Client commands, but it uses nwmap to map the source volumes. The 
details of the error is logged are /var/opt/novell/migration/«project name>/log/ 
filesystem.log. 


To troubleshoot this issue, perform the following: 


1 Verify the status of the Novell Client by entering the following command: 
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rcnovfsd status 
1a If the service is running, restart the service by entering the following command: 
rcnovfsd restart 
or 
If the service is not running, start the service by entering the following command: 
rcnovfsd start 
1b To configure the file system, select the file system and click Configure. 


2 (Conditional) If the error is displayed again, verify the status of the novell-xregd service by 
entering the following command: 


rcnovell-xregd status 

2a If the status is running, restart the service by entering the following command: 
rcnovell-xregd restart 
or 
If the status is not running, start the service by entering the following command: 
rcnovell-xregd start 

2b Restart the Novell Client by entering the following command: 
rcnovfsd restart 

2c To configure the file system, select the file system, then click Configure. 


3 (Conditional) If the error is displayed after restarting the novfsd and novell-xregd services, refer 
to the log file to verify whether the Novell Client has failed to resolve the IP address. 


3a If the IP address was not resolved, create a /etc/opt/novell/ncl/protocol.conf file 
and add the following line: Name Resolution Providers-NCP,SLP,DNS 


3b Restart the Novell Client by entering the following command: 
rcnovfsd restart 


3c To configure the file system, select the file system, then click Configure. 


When You Start Migration, an Error Is Displayed and Migration Fails 


When you click Start in the main migration window, migration fails and you receive the error that no 
data sets are found. 


+ "Source Server is OES 1" on page 138 
* "Source Server is OES 2 or OES 11” on page 139 


Source Server is OES 1 


Migration might fail if smszapi is not loaded on the source server. To troubleshoot this issue, perform 
the following: 
1 Verify that smszapi is loaded on the source server by executing the following command: 
lsmod | grep smszapi 
2 (Conditional) If smszapi is displayed in the list, update the smszapi. 
3 (Conditional) If smszapi is not displayed in the list, restart SMDR. 
novell-smdrd restart 


4 Click Migrate to start the migration. 
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Source Server is OES 2 or OES 11 


Migration might fail if there is a problem during the setup and zapi is not loaded on the source server. 
To troubleshoot this issue, perform the following: 
1 Verify that zapi is loaded on the source server by executing the following command: 
lsmod | grep zapi 
2 (Conditional) If zapi is displayed in the list, then update the zapi. 
3 (Conditional) If zapi is not displayed in the list, restart SMDR. 
novell-smdrd restart 


4 Click on Start, to begin the migration. 


Migration Fails Due to Failure of the migtrustees Command 


The migtrustees command fails with a fatal error, which is recorded in the filesystem. 1log file. 


The migtrustees command takes input from the maptrustees.yaml file, which includes various 
attributes. Some special characters are included in the loginScript attribute of the maptrustees.yaml 
file, which is not recognized by the migtrustees command causing a failure in the migration. 


To troubleshoot this issue, perform the following: 


1. Open the iManager page on the source server. 
2. Click Users » Modify Users. 
3. Select the user name that has special characters in the login script. 


For example, if you see the error for cn=testuser,ou=users,o=novell in the £ilesystem.1og file, 
select testuser from the user list. 


. Click General » loginScript. 
. Remove the special characters from the login script. 


. Click apply > ok. 


N o 0 Sf 


. Remove the migtrustees.session, maptrustees.session and maptrustees.yaml files from 
the /var/opt/novell/migration/«Project name»/fs/ folder of the target server. 


This ensures that the maptrustees command is re-executed when continuing the migration 
process. 


8. Click Start on the main Migration Tool window of the target server to continue the migration. 
Not Getting the Code Page and Non-English Characters 
* "Migrating from NetWare 6.5 or Later" on page 139 


Migrating from NetWare 6.5 or Later 


The language pack is not installed on the target server, so the code page and the non-English 
characters are not displayed. 


You need to install the language pack of the source server on the target server before starting the 
Migration Tool. 
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Source Cluster Volumes Are Not Displayed 


This issue occurs because the /s Cluster Resource option is not selected in Source Server 
Authentication or because the cluster resource is down. 


If the Is Cluster Resource option is not selected, select the option from Source Server Authentication, 
then reconfigure. 


or 


If the /s Cluster Resource option is selected and the cluster volumes are not displayed, verify the list 
of cluster volumes by executing the following command: 


/opt/novell/sms/bin/smstool --list-cluster-volumes -R <resourceIP> -U 
«admin credentials» 


Files or Trustees Are Not Synchronized 


If files are open on the source server during synchronization, those files are not synchronized with the 
files on the target server. If trustees are deleted on the source server during or before 
synchronization, the trustees are not migrated. Ensure that you verify the following before 
synchronizing, then click Sync. 


* No application or user is accessing the source volumes that are being copied. 


* Select disable login in the file system GUI to restrict access to the source volumes. 
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17.1 


17.1.1 


Migrating eDirectory to OES 11 SP3 


eDirectory migration to Open Enterprise Server (OES) 11 SP3 requires the migration of the 
eDirectory data and server identity to provide seamless accessibility after migration. The eDirectory 
migration utility performs all of the pre-migration tasks, health validations and server backups, server 
migration, and post-migration tasks for you. 


The following sections give you more details on the migration procedure for eDirectory: 


* Section 17.1, "Planning Your Migration," on page 143 
* Section 17.2, “Migration Tools," on page 145 

* Section 17.3, "Migration Procedure," on page 145 

* Section 17.4, "After the Migration," on page 146 


Planning Your Migration 


This section lists the important requirements that must be verified before attempting eDirectory 
migration. 


IMPORTANT: If the eDirectory version is 8.7.3.6 or earlier on the NetWare server, you must back up 
the sys:/system/backupcr.nlm file. 


When performing migration from NetWare to OES 11 SP3, the backuper.nlm on the NetWare server 
is overwritten with the newer version. In case of failure, restore the backupcr .n1m. 


¢ Section 17.1.1, "System Requirements," on page 143 
* Section 17.1.2, "Prerequisites," on page 144 

¢ Section 17.1.3, "Supported Platforms,” on page 144 
¢ Section 17.1.4, “Considerations,” on page 144 

¢ Section 17.1.5, "Troubleshooting," on page 144 


System Requirements 


C] The target server must run OES 11 SP3 with the migration pattern selected, and should have the 
eDirectory 8.8 SP6 RPMs already installed. 


C] If there is any eDirectory 8.8 SP6 instance already configured in the target OES 11 SP3 server, it 
must be deconfigured. For more information about removing a server object, see "Using the 
ndsconfig Utility to Add or Remove the eDirectory Replica Server" in the NetIQ eDirectory 8.8 
SP8 Installation Guide. 


C] OES 11 SP3 does not support multiple instances of eDirectory on the same server, so any non- 
default instances should not be running during migration 


C] The source server should be running and should not be part of any partition operation. For more 
information about supported source server versions, see "eDirectory Coexistence and Migration" 
in the OES 11 SP3: Planning and Implementation Guide. 
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17.1.2 


17.1.3 


17.1.4 


17.1.5 


Prerequisites 


C] The eDirectory migration utility can run only on the target server and must be able to access the 
source server remotely. 


C] Ensure that all servers that share a replica with the server to be restored are up and 
communicating. This allows the restore verification process to check with servers that participate 
in the same replica ring. 


For more information, see “Preparing for a Restore" in the NetIQ eDirectory 8.8 SP8 
Administration Guide. 


Supported Platforms 


The eDirectory migration utility is designed to run on OES 11 SP3, which is the target platform for 
migration. For more information about the compatible eDirectory versions at the source and the 
corresponding target servers, see Section 4.1, "Prerequisites," on page 41 and Section 1.4, "Support 
Matrix for NetWare and OES Services," on page 18. 


Considerations 


* |P address and DNS migrations are not performed by this migration utility. 


* Only the eDirectory instance is migrated. Applications depending on eDirectory are not migrated 
by this utility. 

* You should not use this migration methodology if you want both servers to be available during 
the migration operation. 


NOTE 


Only the target server is available after the Transfer ID migration. The eDirectory DIB on the 
source server is locked. Other service migrations cannot be performed after completing Transfer 
ID migration for eDirectory. The source server can be brought back by restarting the eDirectory 
server, but you should do this only if the Transfer ID migration is unsuccessful. 


Troubleshooting 


* "Migration Issue" on page 144 


Migration Issue 
If the source server is running eDirectory 8.6.2, the following error is encountered: 


The NDS schema in this tree is out of date. You must run ndsrepair to correct it. 
Please consult the readme for further instructions. ERROR -722: Setup for NDS 
installation failed. Please make certain that you have provided the complete server 
and admin contexts. 

ERROR: /opt/novell/eDirectory/bin/ndsconfig return value - 78. 


To workaround this issue, do the following: 


On the master eDirectory 8.6.2 server, run dsrepair, Advanced Options Menu » Global Schema 
Operations, then select Post NetWare 5 Schema Update » Yes. 
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17.3 


Migration Tools 


The eDirectory migration can be performed independently or by using the OES migration framework. 
The complete migration task is performed by invoking the migedir command line utility. 


Migration Procedure 


1 Run the migedir utility by entering the following command on the target server: 


migedir [-A «log directory name>] [-s «IP address>] [-t] [-h] [-i] [-u] [-a] [- 
w] [-B] [-R] 


The utility takes the following command line options: 


Option Description 

-A directory name Enables auditing. directory name specifies the directory in which log files should 
be created. 

-s IP address Specifies the IP address of the source server containing the eDirectory instance to 
be migrated. 


IMPORTANT: -s is a mandatory parameter. 
t Tests the validity of the input parameters. 


NOTE: This option verifies the IP address; however, it does not perform the actual 
migration. 


-h Prints help about using this utility. 


-i Enables the verbose mode. 


-u Enables the unattended mode. 
-a Specifies the tree adminDN. 

-W Specifies the admin password. 
-B Enables the Backup Only mode. 
-R Enables the Restore Only mode. 


2 Follow the on-screen instructions as the utility performs the migration. 


The migration utility does some pre-migration checks, performs the migration, then does some 
post-migration tasks. 


+ “Pre-migration” on page 146 
* "Migration" on page 146 
* "Post-migration" on page 146 


* "Handling Failures" on page 146 
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Pre-migration 
The utility performs the following checks: 


* The health and state of the replicas in the ring are verified. 


* Time synchronization is verified between the source and target servers. 


Migration 


The utility performs the migration of the eDirectory instance from the collected configuration 
information. This involves backing up the source server data, locking the eDirectory instance in the 
source server, migrating data to the target server, and restoring the eDirectory instance on the target 
server. The dependent NICI files are also migrated. 


Post-migration 
After migration, the following tasks are performed by the utility: 


* The nds.conf configuration file is modified with the source server eDirectory instance 
information, such as tree name and server name. 


* The eDirectory instance in the target server is restarted so it can use the new data. 


* Network address repair is performed to start the synchronization of the new IP address in the 
replica ring. 


Handling Failures 


During migration, the database in the source server is locked to avoid multiple copies of the instance 
running on the source and target servers. Multiple copies of the same instance can lead to data 
inconsistency. If the process fails and if you intend to bring up the source server again, you need to 
perform the following tasks: 


1 Remove the partially migrated eDirectory instance on the target server. 


For more information about removing the eDirectory instance from a server, see 'Removing a 
Server Object And Directory Services From a Tree’ (http://www.novell.com/documentation/ 
edir88/edirin88/data/a79kgOw.html#bxm6fn9) in the eDirectory 8.8 Installation Guide. 


2 Bring up the source server by reloading the directory services. Ensure that the source server is 
brought up on the network only when the migration fails. The database backup and log files are 
saved in the sys: \ folder. 


After the Migration 


After migration, the target eDirectory instance listens on the IP address of the target server and not on 
the source server’s address. It requires additional time after migration for the eDirectory instance to 
synchronize the new IP address in the replica ring. Successful eDirectory migration can be verified by 
performing eDirectory operations on the new IP address. 


If you want to use the existing security certificates, you must change the IP address of the target 
server to that of the source server. If you don’t want to do this, you must issue new certificates. 
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NOTE: If you change the IP address of the target server after migration, you must modify the 
nds.conf file, restart the eDirectory instance, and repair the network address and partitions replica 
manually. For more information about repairing eDirectory instance, see 'Advanced DSRepair 
Options’ (http://www.novell.com/documentation/edir88/edir88/data/aflm3p7 html) in the eDirectory 8.8 


Administration Guide. 
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18.1 


18.1.1 


18.1.2 


Migrating AFP to OES 11 SP3 


Migration refers to the process of migrating the Novell AFP services to target OES 11 SP3. 


For general information about the OES 11 SP3 Migration Tool, see Chapter 1, "Overview of the 
Migration Tools," on page 15. 


The following sections give you more details on the migration procedure for AFP. 


* Section 18.1, “Migrating AFP from NetWare to OES 11 SP3,” on page 149 
* Section 18.2, “Migrating AFP to OES 11 SP3,” on page 151 


Migrating AFP from NetWare to OES 11 SP3 


In these sections, the NetWare server is referred to as the source server and the OES 11 SP3 server 
as the target server. 


* Section 18.1.1, "Requirements," on page 149 

¢ Section 18.1.2, "Migration Scenarios," on page 149 

* Section 18.1.3, "Migration Procedure," on page 150 

¢ Section 18.1.4, “Verifying the Migration,” on page 151 
¢ Section 18.1.5, “Cross-Platform Issues,” on page 151 


Requirements 


Ensure that your source server and target server meet the following requirements: 


Source Server Requirements 


* NetWare 6.5 SP8 


Target Server Requirements 


* OES 11 SP3 server with AFP. For instructions, see "Installing and Setting Up AFP" in the OES 11 
SP3: Novell AFP for Linux Administration Guide. 


* The NSS data should already be migrated. For details, see Chapter 16, "Migrating File Systems 
to OES 11 SP3,” on page 97 


Migration Scenarios 


AFP supports the following migration scenarios: 


* Migrating Servers through Server Consolidation 
* Migrating Servers through Transfer ID 


For more information about these scenarios, see Section 1.3, "Migration Scenarios," on page 16. 
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NOTE: AFP does not support migration across different eDirectory trees. However, it can be 
achieved by using the Different Tree scenario to migrate the file system, then reconfiguring AFP on 
the target server. 


For details, see Section 16.6.2, "Migrating Data to a Server in a Different Tree," on page 112 and 
"Installing and Setting Up AFP" in the OES 11 SP3: Novell AFP for Linux Administration Guide. 


18.13 Migration Procedure 


You can perform the AFP configuration by using the Migration Tool or the command line interface. 


NOTE: Before migration, manually edit the a£ptcpd. cont file and set the number of threads within 
the valid range. For more information, see "Modifying the Thread Range" on page 150. 


* "Modifying the Thread Range" on page 150 
* "Using the Migration Tool to Migrate" on page 150 
* "Using Command Line Utilities to Migrate" on page 150 


Modifying the Thread Range 


With OES 11 SP2 and later, the valid thread range is as follows: 
* Minimum threads: 3 to 32, default value: 3 
* Maximum threads: 4 to 512, default value: 32 


Before migration, manually edit the a£ptcpd.cont file and set the number of threads within the valid 
range, then proceed with the migration procedure. If it is not changed and the minimum or maximum 
threads is out of the range, then AFP server will use default number of threads. 


Using the Migration Tool to Migrate 


1 Click Computer » More Applications » System » Novell Migration Tools to access the Migration 
Tool. 

2 Authenticate to the source and target servers. 

3 Select Novell AFP, then click Configure. The AFP configuration window is displayed. 


4 Click Migrate to begin the migration process. 


Using Command Line Utilities to Migrate 


To run the AFP migration utility through the command line, run migafp with the following parameters: 


Parameter Description 

-h Prints a summary of the migration process. 

-5 IP address of the source server. 

-u DN of the source tree admin. For example : cn=user, o=company). 
-wW Admin password to authenticate to the source server. 
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18.1.4 


18.1.5 


18.2 


18.2.1 


For example: 


migafp -s 10.10.10.1 -u cn-sourceadmin.o-novell -w password 


Verifying the Migration 
1 Ensure that all the context details from sys: /etc/ctxs.cfg (NetWare context file) are migrated 


to /etc/opt/novell/afptcpd/afpdircxt.conf (OES 11 SP3 server context file). 
2 Verify by running the command rcnovell-afptcpd start. 


Cross-Platform Issues 


AFP on Linux uses Universal Password as the authentication mechanism instead of the Simple 
Password authentication mechanism on NetWare. During migration from NetWare to Linux, the 
simple passwords on the NetWare system are synchronized to the Universal Password, so that the 
user can authenticate seamlessly to the AFP service on the Linux server. 


This feature is restricted based on the following conditions: 


* To synchronize the password of a first-time login user, authentication must happen using Diffie 
Hellman Exchange-2, Diffie Hellman Exchange, or Clear-text authentication method. To set the 
type of authentication, ensure that the authentication method (AUTH UAM) option in the /etc/ 
opt/novell/afptcpd/afptcpd.conf file is set to DHX2, DHX, cleartext. 


The automatic password synchronization will not occur if the user authenticates by using the 
Random Exchange or Two-way Random Exchange method of authentication. 


* |f you use the Diffie Hellman Exchange-2, Diffie Hellman Exchange, or Clear-text authentication 
method, the eDirectory service (ndsd) must be started with the environment variable 
NDSD TRY NDSLOGIN FIRST set to TRUE. 


If conditions above are not met, all the users with Simple Passwords are required to manually 
authenticate to the AFP server on NetWare after they are enabled for Universal Password, in order to 
trigger the password synchronization to Universal Password. 


Migrating AFP to OES 11 SP3 


This section describes how to migrate AFP from an OES 2 SP3 or OES 11 source server to an OES 
11 SP3 target server. 


Before you proceed with the migration, review Section 18.2.2, "Prerequisites," on page 152. 


* Section 18.2.1, "What Is Migrated," on page 151 

* Section 18.2.2, "Prerequisites," on page 152 

* Section 18.2.3, “Modifying the Thread Range,” on page 152 
* Section 18.2.4, "Migration Procedure," on page 152 

¢ Section 18.2.5, “Verifying the Migration,” on page 153 


What Is Migrated 


* Server configuration information 


Migrating AFP to OES 11 SP3 151 


18.2.2 


18.2.3 


18.2.4 


* 


* 


Volume Aliases information 
Contexts 


Prerequisites 


* 


OES 11 server is already installed and AFP is configured. For details, see the OES 11 SP3: 
Novell AFP for Linux Administration Guide. 


NSS Pools and volumes are already migrated to the new OES 11 SP3 server from the OES 2 
server. Use the cluster migrate resource name node name command to migrate the cluster 
pools and volumes. For details, see "Using the Cluster Migrate Command" in the OES 11 SP3: 
Novell Cluster Services for Linux Administration Guide. 


Non-cluster NSS volumes are already migrated to the new OES 11 SP3 server from the OES 2 
server. This can be done by unmounting the corresponding file system from the source machine 
and mounting it on the target machine. 


Before migration, manually edit the a£ptcpd.cont file and set the number of threads within the 
valid range. For more information, see Section 18.2.3, "Modifying the Thread Range," on 
page 152. 


Modifying the Thread Range 


With OES 11 SP2 and later, the valid thread range is changed to as follows: 


* 


* 


Minimum threads: 3 to 32, default value: 3 


Maximum threads: 4 to 512, default value: 32 


Before migration, manually edit the a£ptcpd.cont file and set the number of threads within the valid 
range, then proceed with the migration procedure. If it is not changed and the minimum or maximum 
threads is out of the range, the AFP server will use the default number of threads. 


Migration Procedure 


HB 


Migrating Server Configuration information: 


Manual: Edit the /etc/opt/novell/afptcpd/afptcpd.conf in the source server and add 
support for DHX2 authentication and subtree search in the AUTH UAM tag. After modifying the 
afptcpd.conf file, copy it from the source server to the target server. 


iManager: Using the iManager plug-in, enable support for DHX2 authentication and subtree 
search. For details, see “Administering the AFP Server” in the OES 11 SP3: Novell AFP for Linux 
Administration Guide. 


Migrating Volume Alias information: 


Copy the volume file /etc/opt/novell/afptcpd/afpvols.conf from the source server to the 
target server. 


Migrating Context information: 


Copy the context file /etc/opt/novell/afptcpd/afpdircxt.conf from the source server to 
the target server. 


Restart the AFP service for the configuration changes to take effect. 


5 After this migration, proceed with performing the service-specific proxy migration. For more 


information, see Chapter 32, “Migrating Proxy Users to OES 11 SP3,” on page 261. 
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18.25 Verifying the Migration 


Verify that the migration process is complete by checking for the following: 


* NMAS methods for AFP are installed and synched to the tree. For details, see “Verifying LSM 
Installation" in the OES 11 SP3: Novell AFP for Linux Administration Guide. 


* Login to the AFP server and try accessing the data. 
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19.1 


19.1.1 


19.1.2 


Migrating Novell Archive and Version 
Services to OES 11 SP3 


Migration refers to the process of migrating the Novell Archive and Version services to target OES 11 
SP3. 
* Section 19.1, “Migrating Novell Archive and Version Services to OES 11 SP3,” on page 155 


* Section 19.2, “Migrating Novell Archive and Version Services from NetWare to OES 11 SP3,” on 
page 158 


Migrating Novell Archive and Version Services to 
OES 11 SP3 


This section provides information on how to migrate Novell Archive and Version Services running on 
OES 1 SP2, OES 2 SP3, or OES 11 to OES 11 SP3. 

* Section 19.1.1, “Prerequisites,” on page 155 

¢ Section 19.1.2, “Migration Scenario,” on page 155 

¢ Section 19.1.3, “Migration Procedure,” on page 156 

* Section 19.1.4, “Post-Migration Procedure,” on page 156 

¢ Section 19.1.5, "Back up Script,” on page 157 

¢ Section 19.1.6, "Restore Script,” on page 157 


Prerequisites 


* The Archive server is installed on the target server. 
* The NSS file system is installed on the target server. 
* The Archive server and the Primary volume must reside in the same eDirectory tree. 


* The Archive server, PostgreSQL database, and Archive volume must be installed on the same 
machine. 


Migration Scenario 


* "Transfer ID - Same Tree" on page 155 
* "What Is Migrated" on page 156 


Transfer ID - Same Tree 


In this scenario, the target server is installed in the same tree as the source server. After successful 
completion of Transfer ID, the target server functions with the same credentials (such as IP address 
and hostname) as the source server, and the source server node is no longer available in the 
network. 
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What Is Migrated 


The following data is migrated from the source server to the target server: 


* The Archive volume that contains the versions of your files. 


* The configuration details stored in arkConfig.xm1 file located at /etc/opt/novell/ 
arkmanager/conf/. 


* Database records from the source PostgreSQL database to the target PostgreSQL database. 


19.13 Migration Procedure 


1 Install the OES 11 SP3 server as the target server for the Archive and Version Service into the 
same eDirectory tree as the source server. 


For more information, see "Setting Up Archive and Version Services " in the OES 11 SP3: Novell 
Archive and Version Services Administration Guide. 


2 Run the /opt/novell/arkmanager/«backup script» file on the source server. For information about 
the backup script, see Section 19.1.5, "Back up Script," on page 157. 


3 Copy the configuration files. 


4 Using the Migration Tool, migrate the data from the archive volume to the target server, retaining 
the same volume name and directory structure. 


5 Using the Migration Tool, migrate the date data from the primary volume to the target server 
retaining the same volume and directory structure. For more information, see "Using the 
Migration Tool GUI" on page 160. 


The archive admin is the proxy user. No specific proxy scripts are required for proxy migration. 


19.14  Post-Migration Procedure 


1 Before restarting the Archive server, ensure the following: 
* Migration of the Archive volume is successful. 


+ (Optional) Migration of the Primary volume is successful. In the arkConfig.xml file under 
the job tag, ensure that the server name and context reflect the configuration details of the 
target machine. 


* The migrated data from the volumes and database is consistent. 


+ Edit the arkConfig.xml file to update the Archive volume path under the archivePath tag 
on the OES 11 server. 


* Ensure that the admin is a member of the novlxtier group. For more information, see 
“Caveats on Upgrading from OES 2 to OES 11 SP3" in the OES 11 SP3: Novell Archive and 
Version Services Administration Guide. 


* Ensure that the admin is LUM-enabled on the target server running Archive and Version 
Services. 


* Ensure that the read-only attribute is not set on the ARK volume. 


To see if the ARK volume has the read-only attribute, enter attrib /media/nss/ARK. The 
output of this command includes the read-only (ro) attribute. 


To delete the read only attribute, enter attrib -c ro /media/nss/ARK. 
2 To start the Archive Service on OES 11 SP3 server, enter: 
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19.1.5 


19.1.6 


rcnovell-ark start 


3 Run /opt/novell/arkmanager/«restore script». For information about the backup script, see 
Section 19.1.6, "Restore Script," on page 157. 


Verifying the Migration 


To verify that the migration completed successfully, check the availability of file versions by using the 
NSS File Version Utility. 


Back up Script 


Before you upgrade to OES 11 SP3, run the script to back up the Archive database on the OES 2 
server. The user must have execute permissions to run the script. The script backs up the archive 
database to the arkdatabackup.sq] file. 


1 Save the following script to a file, then run the file on the terminal: 


#!/bin/bash 

set -e 

echo 

echo "Backing up Archive Versioning archive database" 
echo 


ARKUSER=arkuser 

DATABASE-archive database 

DATA PATH-^cat /etc/opt/novell/arkmanager/conf/arkdatadir.conf^ 
BACKUPFILE=$DATA PATH/arkdatabackup.sql 


echo "Provide password for SARKUSER" 
su SARKUSER -c "pg dump --clean $DATABASE > SBACKUPFILE" 


You are prompted for the arkuser password. 


NOTE: If the ackdatabackup. sql file is empty, repeat Step 1 to generate the contents. 


Restore Script 


When upgrading to the OES 11 SP3 server, you must restore the Archive database in order for 
Archive and Version Service to be available. The user must have execute permissions to run the 
script. The script restores the archive database from the arkdatabackup. sql file to the OES 11 SP3 
server. 

1 Configure Archive Version and Services using the same credentials used on the OES 2 server. 


2 Save the following script to a file, then run the file on the terminal: 
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19.2 


19.2.1 


#!/bin/bash 

set -e 

echo 

echo "Restoring Archive Versioning archive database" 
echo 


ARKUSER=arkuser 

DATABASE-archive database 

DATA PATH-^cat /etc/opt/novell/arkmanager/conf/arkdatadir.conf^ 
BACKUPFILE-S$DATA PATH/arkdatabackup.sql 

LOGFILE=$DATA PATH/restorelog.txt 

PORT=543 

HOST=localhost 


if [ -z DATA PATH ] 

then 
echo "Unable to locate SDATABASE location" 
exit 1; 

else 


echo "Provide password for SARKUSER" 

Su SARKUSER -c "psql -f SBACKUPFILE -d SDATABASE -h $HOST -p $PORT" 
>>SLOGFILE 2>&1 
fi 


You are prompted for the arkuser password. 


After successful restoration of the archive database, the file versions are available on the OES 
11 SP3 server. 


Migrating Novell Archive and Version Services 
from NetWare to OES 11 SP3 


This section provides information on how to migrate Novell Archive and Version Services running on 
NetWare 6.5 SP8 to OES 11 SP3. In this section, the NetWare server is referred to as the source 
server and the OES 11 SP3 server is referred to as the target server. 


For general information on the OES 11 SP3 Migration Tool, see Chapter 1, "Overview of the Migration 
Tools,” on page 15. 

* Section 19.2.1, "Prerequisites," on page 158 

* Section 19.2.2, "Migration Scenarios," on page 159 

* Section 19.2.3, "Migration Procedure," on page 159 

* Section 19.2.4, "Post-Migration Procedure," on page 162 


Prerequisites 


* The Archive server is installed on NetWare 6.5 SP8. For more information, see NW 6.5 SP8: 
Novell Archive and Version Services 2.1 Administration Guide. 


* Install the NSS file system on the OES 11 server. 
* The Archive server and the Primary volume must reside in the same eDirectory tree. 


* The Archive server, PostgreSQL database, and Archive volume must be installed on the same 
machine. 
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19.2.2 


19.2.3 


Migration Scenarios 


* "Migrate - Same Tree" on page 159 
* "Transfer ID - Same Tree" on page 159 
* "What Is Migrated" on page 159 


Migrate - Same Tree 


In the Migrate scenario, the data and configuration on the source server is overwritten. 


Transfer ID - Same Tree 


In this scenario, the target server is installed in the same tree as the source server. After a successful 
completion of Transfer ID, the target server functions with the same credentials (such as IP address 
and hostname) as the source server, and the source server node is no longer available in the 
network. 


What Is Migrated 


The following data is migrated from the source server to the target server: 


* The Archive volume that contains the versions of your files. 
* The configuration details stored in the arkConfig.xml file. 
* Database records from the MySQL database to the PostgreSQL database. 


Migration Procedure 


Hp 


Install the OES 11 server as the target server for the Archive and Version Services into the same 
eDirectory tree as the source server. 


For more information, see "Setting Up Archive and Version Services " in the OES 11 SP3: Novell 
Archive and Version Services Administration Guide. 


2 To stop the Archive and Version Services on the source server and continue to run the MySQL 
database, enter 


arkstop 
3 To stop the Archive Service on the target server, enter 
rcnovell-ark stop 
This command stops the Archive server and the default instance of the PostgreSQL database. 


4 If you have configured the Archive server with the default configuration, restart the PostgreSQL 
database with the following command: 


/opt/novell/arkmanager/bin/pg restart.sh 
5 Migrate data from the Archive volume on the NetWare server to the OES 11 server. 


The migration is from the NetWare NSS source volume to the OES 11 NSS target volume, where 
the source and target servers are in the same eDirectory tree. For more information, see OES 11 
SP3: NSS File System Administration Guide for Linux. 
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160 


IMPORTANT: You need to migrate the Archive volume before migrating the Archive and Version 
Service; otherwise, versions of files created on the NetWare server are unusable on the OES 11 
server. 


6 (Optional) Migrate data from the Primary volume on the NetWare server to the OES 11 SP3 
server, using either command line utilities or the GUI interface. For more information, see OES 
11 SP3: NSS File System Administration Guide for Linux. 


7 Decide how to migrate Archive and Version Services. 


The Migration Tool GUI has a plug-in architecture and is made up of command line utilities with a 
GUI wrapper. You can migrate Archive and Version Services by using either of the following 
methods: 


* "Using the Migration Tool GUI" on page 160 
* "Using the Command Line" on page 161 


Using the Migration Tool GUI 
1 Click Computer» More Applications» System » Novell Migration Tools to launch the Migration 
Tool GUI. 
For more information, see Chapter 5, "Using the Migration Tool GUI," on page 45. 


2 Authenticate to the source and target server. Archive and Version Services is listed in the 
Service panel. 


Select the Migration Type as Migrate for migrating the Archive service, or to Transfer ID for the 
Transfer ID scenario. 


3 In the Services to Migrate panel, click Add, then select Novell Archive and Versioning Services. 
The Status of the service is Not Configured. 


4 Select Novell Archive and Versioning Service, then click Configure. 


MySQL User Name 


MySQL Database Password 


MYSQL Database Port 3306 


Post&GresSQL Datatrase User Name arkuser 


PostGresSQL Database Password 


PostGreSQL Database Port 


5 Fill in the fields, using the information in the following table: 
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Parameter Description 


MySQL User Name Specify a user name for the administrator of the MySQL database on the 
Source server. 


MySQL Database Password Specify a password for the MySQL user. 


MySQL Database Port Specify a port number used for the archive database communications on 
the source server. Port 3306 is the default. 


PostgreSQL Database User Specify a user name for the administrator of the archive database (the 


Name PostgreSQL database for the archived data) on the OES 11 server. 
IMPORTANT: The Postgres user must be an unprivileged user, not the root 
user. 

PostgreSQL Database Specify a password for the PostgreSQL user. 


Password 


PostgreSQL Database Port Specify a port number to use for the archive database communications on 
the OES 11 server. Port 5432 is the default. 


6 Click OK. 
The Status of the service is Ready. 
7 Click Start to proceed with the migration. The Status is Migrating. 


In the Status pane, Service tab, you can view the progress of the migration. After the migration 
completes, the Status changes to Migrated. 


NOTE: If you encounter any errors during the migration, check the Logs tab in the Service pane. 
After resolving the errors, execute the migration procedure again. 


Using the Command Line 


1 Torun the Archive and Version migration utility through the command line, run /opt /novell/ 
migration/bin/migark.sh with the following details: 


Option Description 

--mysqldb-user=<opt> Specify a user name for the administrator of the MySQL database. 
--mysqldb-passwd=<opt> Specify a password for the MySQL user. 

--mysqldb-port=<opt> Specify a port number used for the archive database communications on 


the NetWare server. Port 3306 is the default. 


--hostname=<opt> Specify the host name or IP address of the NetWare server on which 
Archive and Version Services resides. 


--username=<opt> Specify the fully distinguished eDirectory name and context of the 
administrator user. For example, cn=admin.o=novell 


NOTE: Use the dot (.) format for specifying the eDirectory name and 
context, not the comma (,) format. 


--password=<opt> Specify a password for the Admin user. 
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Option Description 


--pg_db-user=<opt> Specify a user name for the administrator of the archive database (the 


PostgreSQL database for the archived data) on the OES 11 server. 


IMPORTANT: The Postgres user must be an unprivileged user, not the 


root user. 
--pg-db-passwd Specify a password for the PostgreSQL user. 
--pg_db-port=<opt> Specify a port number to use for the archive database communications 


on the OES 11 server. Port 5432 is the default. 


For example: 


/opt/novell/migration/bin/migark.sh --mysqldb-user=root --mysqldb- 
passwd=novell --mysqldb-port=3306 --hostname=192.168.1.255 -- 
username-cn-admin.o-novell --password-novell12 --pg db-user-arkuser --pg db- 
passwd-novelll12 --pg db-port-5432 


NOTE: If you encounter any errors during the migration, check the archive migration.log file in 
the /var/opt/novell/log/migration/ folder. After resolving the errors, execute the migration 
procedure again. 


19.2.4 Post-Migration Procedure 


1 Before restarting the Archive server, ensure the following: 


* 


* 


Migration of the Archive volume is successful. 


(Optional) Migration of the Primary volume is successful. In the arkConfig.xml file under 
the job tag, ensure that the server name and context reflect the configuration details of the 
target machine. 


The migrated data from the volumes and database is consistent. 


Edit arkConfig.xm1 to update the Archive volume path under the archivePath tag on the 
OES 11 server. 


Ensure that the admin is a member of the novixtier group. For more information, see 
“Caveats on Upgrading from OES 2 to OES 11 SP3" in the OES 11 SP3: Novell Archive and 
Version Services Administration Guide. 


Ensure that the admin is LUM-enabled on the target server running Archive and Version 
Services. 


Ensure that the read-only attribute is not set on the ARK volume. 


To check if the ARK volume has the read-only attribute, enter attrib /media/nss/ARK. 
The output of this command includes the read-only (ro) attribute. 


To delete the read-only attribute, enter attrib -c ro /media/nss/ARK 


2 To start the Archive Service on OES 11 SP3 server, enter: 


rcnovell-ark start 


Verifying the Migration 


To verify that the migration completed successfully, check the availability of file versions by using the 
NSS File Version Utility. 
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Migrating CIFS to OES 11 SP3 


Migration refers to the process of migrating CIFS to target OES 11 SP3. 


¢ Section 20.1, “Migrating CIFS from NetWare to OES 11 SP3,” on page 163 
* Section 20.2, “Migrating CIFS to OES 11 SP3,” on page 172 


20.1 Migrating CIFS from NetWare to OES 11 SP3 


The NetWare to OES 11 SP3 CIFS migration process can be either initiated from the Migration Tool 
or through a command line utility. For more information about the Migration Tool, see Chapter 1, 
“Overview of the Migration Tools,” on page 15. For more information about the command line utility, 
see Section 20.1.6, “Man Page for Migration,” on page 169. 

* Section 20.1.1, “Migration Prerequisites,” on page 163 

¢ Section 20.1.2, "Migration Scenarios," on page 163 

* Section 20.1.3, "Migration Procedure," on page 164 

* Section 20.1.4, "Post-Migration Procedure," on page 168 

¢ Section 20.1.5, “Verifying the Migration,” on page 168 

¢ Section 20.1.6, "Man Page for Migration,” on page 169 


20.11 Migration Prerequisites 


* The CIFS server is installed and configured on the source server on the following platforms: 
* NetWare 6.5 SP8 


For details about CIFS on a NetWare server, see the NW 6.5 SP8: AFP, CIFS, and NFS (NFAP) 
Administration Guide. 


* The CIFS server is installed and configured on the target server (OES 11 SP3). For details, see 
"Installing and Setting Up CIFS" in the OES 11 SP3: Novell CIFS for Linux Administration Guide. 


* NSS file system migration from the source to the target server is completed. 


20.12 Migration Scenarios 


The CIFS migration scenarios are explained in the following sections: 


* "Migrate - Same Tree" on page 164 
* "Migrate - Different Tree" on page 164 
* "Transfer ID - Same Tree" on page 164 


* "What Is Migrated" on page 164 
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20.1.3 


Migrate - Same Tree 


Only CIFS shares and contexts of the source servers are consolidated. The remaining server 
configuration information is not consolidated. The target server configuration is overwritten with the 
source server configuration. For details on consolidation migration, see Section 1.3, "Migration 
Scenarios," on page 16. 


Migrate - Different Tree 


CIFS consolidation for a Different Tree is not supported. However, it can be achieved by using the 
following procedure: 


1 Migrate the file system by using the Different Tree scenario. For details, see Section 16.6.2, 
"Migrating Data to a Server in a Different Tree," on page 112. 


2 Re-configure CIFS on the target server. For more information, see "Setting the CIFS Server and 
Authentication Properties" in the OES 11 SP3: Novell CIFS for Linux Administration Guide. 


Transfer ID - Same Tree 


In this scenario, the target is installed into the same tree with a temporary name and IP address. At 
the end of the procedure, the source server name and IP address are swapped for the target server 
name and IP address. For more information about this migration scenario, see Part IV, "Transfer ID 
Migration," on page 59. 


What Is Migrated 


The following table provides a quick overview of what is migrated from NetWare CIFS to OES 11 SP3 
CIFS for the different scenarios: 


Service supported Consolidation Transfer ID 

Same Tree Different Tree — Same Tree Different Tree 
Migrating CIFS shares Yes No Yes No 
Migrating CIFS contexts Yes No Yes No 
Migrating server configuration No No Yes No 
information 


Migration Procedure 


Follow the instructions in either of these sections to perform the CIFS migration: 


* "Using the Migration Tool" on page 164 
* "Using the Command Line" on page 166 


Using the Migration Tool 


1 Launch the Migration Tool on the target server in one of the following ways: 
Desktop: Click Computer » More Applications » System » Novell Migration Tools. 


Terminal: Log in as the root user and at a terminal prompt, enter miggui 
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For details on configuring source and target Server information, selecting a migration type, 
opening a project, and all the tool buttons, see Chapter 2, "Overview of the Migration GUI," on 
page 21. 


2 Click Aad, select Novell CIFS to migrate, then click OK. 


Add Services 
Service Name 


File System 
[Novell FTP 
Novell NTP 

ovell CIFS 


Ok Cancel 


The Status is displayed as Not Configured. 


3 Select Novell CIFS, then click Configure to configure the migration parameters. 


/ CIFS Shares 


Select the Volume from Source drop down list and Browse to give its path on Target. 


sure WE o [er 
Target |/media/nss/V1 Browse 
Source List Target List | Add 


Update 


Delete 


Q Cancel 


4 Under CIFS Shares, select the Source and Target shares for migration. 
* Use Browse to browse for target shares. 
+ Use Add to add more source and target share mappings. 
* Use Update to modify the configuration. Use Delete to remove the share mappings. 
* Use Delete to remove the share mappings. 
When you have filled in the information, the dialog will be similar to the following: 
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[ CIFS Shares 


Select the Volume from Source drop down list and Browse to give its path on Target. 


Source |VOL1 M 

Target | Browse 
Source List Target List | 

ark Jmedia/nss/ARK 

primary /media/nss/PRIMARY 

CIFS Jmedia/nss/CIFS 

VOLI Jmedia/nss/vOL1 


(9) Help 


© cancel 


IMPORTANT: The Migration Tool does not support migration of CIFS shares on a cluster 
resource. After the file system migration, you will need to manually configure the CIFS shares on 
the target Linux system. For more information, see "Managing CIFS Shares” in the OES 11 SP3: 
Novell CIFS for Linux Administration Guide. 


Click OK to complete the configuration. 
The Status is displayed as Ready. 


Click Migrate to start the migration process. When you are prompted to save the project, click 
Yes. 


In the next dialog box, click Yes to proceed with the migration. 


Wait for the migration to be completed. The Status changes to Migrated. The message CIFS 
Migration Successfully Completed is displayed. 


NOTE: Use the Status » Service Information to look for errors during migration. If there are 
errors, fix them and restart the migration procedure. 


Using the Command Line 


CIFS migration requires the complete source and target server details. 


1 Run the migCifs utility on the target server for migrating. 


An example migCifs command is shown below. For details on the command, see Table 20-1 
and see "migCifs" in Section 20.1.6, "Man Page for Migration," on page 169. 


migCifs -s «sourcelPaddr» -p «sourceportnum» -a «sourceFDN» -w <passwd> -f 
«sec/nonsecConn» -d «targetIPaddr» -q «targetportnumber» -b «targetFDN» -x 
<passwd> -g «secure/nonsecureconn» -S «MigrationType» [-m <cifssharemappings>] 


migCifs -s «sourcelPaddr» -p «sourceportnum» -a «sourceFDN» -w «passwd» -f 
«sec/nonsecConn» -d «targetIPaddr» -q «targetportnumber» -b «targetFDN» -x 
<passwd> -g «secure/nonsecureconn» -S «MigrationType» -c 


migCifs -s «sourcelPaddr» -p «sourceportnum» -a «sourceFDN» -w «passwd» -f 
«sec/nonsecConn» -d «targetIPaddr» -q «targetportnumber» -b «targetFDN» -x 
«passwd» -g «secure/nonsecureconn» -S «MigrationType» [-m «sourcecifsshares»] - 
È 
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Table 20-1 migCifs Command Details 


Command Option 
-S <sourcelPaddr> 
-p <sourceportnum> 
-a «sourceFDN» 


-w <passwd> 


-f <sec/nonsecConn> 


-d «targetlPaddr» 


-q <targetportnum> 


-b <targetFDN> 


-X <passwd> 


-g <sec/nonsecConn> 


-S <MigrationType> 


-m <mapfilename> 


Description 


Source server IP address. For example, -s 192.168.0.1. 
Port number of the source server. For example, -p 636. 
Source server FDN. For example, -a cn=admin,o=novell. 


Password for the source server FDN. For example, 
-w mysrc. 


Secure (SSL) or non-secure (Non-SSL) connection type 
of the source server. 1 for SSL and 0 for Non-SSL. SSL is 
preferred. For example, -f 1 or -f 0. 


Target server IP address. For example, -d 192.168.0.2. 


Port number of the target server. For example, 
-q 636. 


Target server FDN. For example, -b cn=admin,o=novell. 


Password for the target server FDN. For example, 
-x mytgt. 


Secure (SSL) or non-secure (Non-SSL) connection type 
of the target server. 1 for SSL and 0 for Non-SSL. SSL is 
preferred. For example, -g 1 or -g 0. 


Sets the Migration Type. O for Server to Server - Same 
Tree or Different Tree, 3 for Transfer ID, and 5 for 
Consolidation. For example, -S 0 or -S 3 or -S 5. 


CIFS source to the target share mapping file. This is an 
optional command. 


Create the file using any text editor. Separate individual 
sharemaps by a line. 


1. Open anew file in the text editor. 


2. Specify sourcesharename#targetsharepath. For 
example, 
share1#CIFSV1:linuxshare1 


share2#NSSvol:linuxshare2/cifsshare 


3. Specify the required number of share details and 
save the file. 


Does not migrate CIFS Shares and Server Configuration 
information from the source. Migrates only the CIFS 
Context information. 


Removes the shares related to NetWare server from the 
target server after a Transfer ID migration. If -r is passed, 
migCifs considers it as repair mode and retries the server 
configuration migration. If -r is not passed, then migCifs 
considers it as migration. 


Pass the source only CIFS share file. The source shares 
are listed and each share terminated with a #. For 
example, /media/nss/CIFSV1:#. Do not pass the CIFS 
Password Policies files with this option. 
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20.1.4  Post-Migration Procedure 


* “Restarting the CIFS Service” on page 168 
* "Enabling the "Share volumes by default" Option” on page 168 


Restarting the CIFS Service 


1 Run the following command to restart the service: 


rcnovell-cifs restart 


Enabling the “Share volumes by default" Option 


After the migration of CIFS service to OES 11 SP3, default shares will not be mounted by CIFS. 


1 View the list of all available share points, using the command novcifs -s1. 


2 Check the status of the "Share volumes by default" attribute, using the command novcifs -- 
list-servers. 


3 Enable the “Share volumes by default" attribute using the command novcifs --share-vols- 
default-«netbios name of the physical or virtual server» --value-yes 


For example, novcifs --share-vols-default-BLR8-192.168 W --value=yes. 


20.15 Verifying the Migration 


After the migration is complete, ensure that the CIFS service on the target server is available and 
running as it was on your NetWare server. This verifies that the migration has been successfully 
completed. 


If the CIFS service is not running after the migration, see "Migration" in the OES 11 SP3: Novell CIFS 
for Linux Administration Guide. 


After a successful migration: 


* All the CIFS shares are migrated and listed on the target server. 
* All the CIFS contexts are migrated to the target server. 


You can verify these steps for a successful migration by using either iManager or command line 
options. 


* "Using iManager to Verify the Migration" on page 168 
* "Using CLI to Verify the Migration" on page 169 


Using iManager to Verify the Migration 


1 Open iManager on the target server. 

2 Goto File Protocols » CIFS. 

3 Browse to or specify the OES 2 server. 

4 Click OK. 

5 Click Start. This displays the CIFS status as Running. 
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6 Click Shares. You must be able to list the sharepoints that were running on your NetWare server 
and now migrated to OES 11 SP3 server. 


For details on CIFS administration through iManager, see "Using iManager to Manage CIFS." 


Using CLI to Verify the Migration 


1 On the target server console, enter the command renovell-cifs status. 
2 If the status is not running, enter the command rcnovell-cifs start to start the server. 
3 If the status is running, enter the command rcnovell-cifs restart to restart the server. 


4 Enter the command novcifs [-sl | --share --list] or 
novcifs [-sln sharename | --share --list --name=sharename] 


This displays the list of sharepoints that were available on NetWare and are now migrated to the 
OES 11 SP3 server. 


For details on CIFS administration through command line utilities, see “Using the Command Line 
to Manage CIFS” in the OES 11 SP3: Novell CIFS for Linux Administration Guide. 


Man Page for Migration 


To access this man page with the command information, enter man migCifs at the command prompt. 


* "migCifs(8)" on page 169 


migCifs(8) 
A command line utility that communicates with the source and target servers for migrating CIFS 


configuration information from NetWare to OES 11 SP3. The command must be run on a target 
server. 


Syntax 


Migrating the CIFS Service from NetWare to OES 11 SP3 


migCifs -s «sourceIP» -p <portnumber> -a <sourceFDN> -w «password» -f «sec/ 
nonsecConnType» -d «targetIP» -q «portnumber» -b «targetFDN» -x «password» -g «sec/ 
nonsecConnType» -S «MigType» [-m <mapfilename>]-t «source treename» 


Synchronizing after Consolidation 


migCifs -s «sourceIP» -p <portnumber> -a <sourceFDN> -w «password» 
-f «sec/nonsecConnType» -d «targetIP» -q <portnumber> -b <targetFDN> 
-X «password» -g «sec/nonsecConnType» -S «MigType» -c 


Repair after Transfer ID 


migCifs -s «sourceIP» -p <portnumber> -a <sourceFDN> -w «password» 
-f «sec/nonsecConnType» -d «targetIP» -q <portnumber> -b <targetFDN> 
-x «password» -g «sec/nonsecConnType» -S «MigType» [-m «sourcesharefilename»] -r 
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Options 


Usage Options: 


-S <sourcelP> 


IP address of the source server. 


-p <portnumber> 


Port number of the source LDAP server. 


-a «sourceFDN» 


Fully Distinguished Name (FDN) of the source server tree administrator. 


-w «password» 


Password of the source server tree administrator. 


-f <sec/nonsecConnType> 


Enables or disables SSL connection for the source LDAP server. Set 1 for SSL and O0 for non- 
SSL connection. 


-d <targetIP> 


IP address of the target server. 


-q <portnumber> 
Port number of the target LDAP server. 


-b <targetFDN> 


Fully Distinguished Name (FDN) of the target server tree administrator. 


-Xx «password» 


Password of the target server tree administrator. 


-g <sec/nonsecConnType> 


Enables or disables the SSL connection for the target LDAP server. Set 1 for SSL and 0 for non- 
SSL connection. 


-S <MigType> 


Sets the Migration Type. O for Server to Server - Same Tree or Different Tree, 3 for Transfer ID, 
and 5 for Consolidation. For example, -S 0 or -S 3 or -S 5. 


-m <mapfilename> 

Full path of the file that contains the source and target server share mappings. 
-t «source treename» 

Tree name of the source. 
-C 


Does not migrate CIFS Shares and Server Configuration information from the source. Migrates 
only the CIFS Context information. 
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-r 
Removes the shares related to the NetWare server from the target server after a Transfer ID 
migration. If -r is passed, migCifs considers it as repair mode and retries the server configuration 
migration. If -r is not passed, then migCifs considers it as migration. 

Help Options 

-h | --help 
Displays the help information of the command and syntax. 

-u | --usage 


Displays the usage information of the command. 


Files 


/etc/opt/novell/cifs/cifs.conf 
CIFS configuration file. 


/etc/opt/novell/cifs/cifsctxs.conf 


CIFS context file. 


/etc/opt/novell/cifs/.cifspwdfile 
Encrypted CIFS proxy user file. 


/var/opt/novell/log/cifs.log 
CIFS server log file. 


/var/opt/novell/migration/Newproj [n] /log/cifs.log 
CIFS migration log file. 


Example 


migCifs -s 192.168.0.1 -p 636 -a cn-admin,o-novell -w novell -f 1 -d 192.168.0.2 - 
q 636 -b cn-admin,o-novell -x novell -g 1 -S 0 -m /cifsShares.tmp -t novelltree 


Authors 


Copyright 2005-2014, Novell, Inc. All rights reserved. http://www.novell.com 


See Also 


novcifs(8) 


Report Bugs 


To report problems with this software or its documentation, go to http://bugzilla.novell.com. 
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20.2 


20.2.1 


20.2.2 


20.2.3 


Migrating CIFS to OES 11 SP3 


This section describes how to migrate CIFS from an OES 2 SP3 or OES 11 environment to OES 11 
SP3. 


Before you proceed with the migration, review Section 20.2.2, "Prerequisites," on page 172. In this 
section, the source server refers to an OES 2 SP3 or OES 11 server, and the target server refers to 
an OES 11 SP3 server. 

* Section 20.2.1, "What Is Migrated," on page 172 

* Section 20.2.2, "Prerequisites," on page 172 

* Section 20.2.3, "Migration Procedure," on page 172 

* Section 20.2.4, "Post Transfer ID Migration Procedure," on page 173 

* Section 20.2.5, "Verifying the Migration," on page 174 


What Is Migrated 


* Server configuration information 
* Shares 


* Contexts 


Prerequisites 
* OES 11 server is already installed and CIFS is configured. For more information, see the OES 11 
SP3: Novell CIFS for Linux Administration Guide. 


* NSS Pools and volumes are already migrated to the new OES 11 SP3 server from the OES 2 
server. Use the cluster migrate resource name node name command to migrate the cluster 
pools and volumes. For details, see "Using the Cluster Migrate Command" in the OES 11 SP3: 
Novell Cluster Services for Linux Administration Guide. 


* Non-cluster NSS volumes are already migrated to the new OES 11 SP3 server from the OES 2 
server. This can be done by unmounting the corresponding file system from the source machine 
and mounting it on the target machine. 


Migration Procedure 


1 Migrating Server Configuration information: 


In the case of ID Swap, on the target server using iManager, replicate the following server 
properties: 


* Name 

* Comment 

* Domain/Workgroup 
* Support for Oplocks 
* Support for DFS 


2 Migrating Share information: 
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During the migration process, all shares except the shares that have been manually added are 
migrated. To replicate the shares that are manually added, use the CIFS iManager plug-in. For 
more information, see "Managing CIFS Shares " in the OES 11 SP3: Novell CIFS for Linux 
Administration Guide. 


3 Migrating Context information: 


Manual: Copy the context file /etc/opt /novell/cifs/cifsctxs.conf from the source server 
to the target server. 


iManager: Using the CIFS iManager plug-in, replicate the CIFS user's context. For details, see 
"Configuring a CIFS User Context" in the OES 11 SP3: Novell CIFS for Linux Administration 
Guide. 


NOTE: After completing the migration, ensure that you reconfigure the CIFS service using yast2 
novell-cifs or the iManager Add Context task to add the contexts to the cifsctxs.conf file, before 
you enable the subtree search feature. 


4 Copying the CIFS configuration file: 
Copy the /etc/opt/novell/cifs/cifs.cont file from the source to the target server. 


CIFS configuration settings are stored in eDirectory and configuration files. During Transfer ID 
migration, the settings in eDirectory are migrated automatically, whereas the settings stored in 
the configuration files are not. To migrate them manually, copy the ci£s.cont file to the target 
server. 


5 Restart the CIFS server using the rcnovell-cifs restart command. 


6 Proceed with the proxy migration. For services using the common proxy, see "Services that Are 
Using Common Proxy" on page 261. For services using the service specific proxy, see "Services 
that Are Using Service-Specific Proxy" on page 263. 
Post Transfer ID Migration Procedure 


¢ “OES 2 SP3 or OES 11 to OES 11 SP3" on page 173 


OES 2 SP3 or OES 11 to OES 11 SP3 


After performing the migration steps in "Transfer ID Migration Procedure" on page 261, perform the 
following tasks: 


* "Restarting the CIFS service" on page 173 
* "Re-enabling Pass-through Information Levels Capability" on page 174 
+ "Enabling the "Share volumes by default" Option" on page 174 


Restarting the CIFS service 


1 Run the following command to restart the service: 


rcnovell-cifs restart 
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Re-enabling Pass-through Information Levels Capability 


1 If you have enabled pass-through information levels capability on the target server, copying the 
cifs.conf file might overwrite the settings. To re-enable it on the target server after the 
migration is complete, run the novcifs -info-level-passthru-yes command. 


Enabling the “Share volumes by default” Option 


After migration of the CIFS service to OES 11 SP3, default shares will not be mounted by CIFS. 


1 View the list of all available share points, using the command novcifs -s1. 


2 Check the status of the "Share volumes by default" attribute, using the command novci£s -- 
list-servers. 


3 Enable the “Share volumes by default" attribute, using the command novcifs --share-vols- 
default-«netbios name of the physical or virtual server» --value-yes. 


For example, novcifs --share-vols-default-BLR8-192.168 W --value-yes. 


Verifying the Migration 


After you have migrated the Novell CIFS services to the OES 11 SP3 target, verify that the migration 
process is complete by doing the following: 


* Verify that the NMAS methods for CIFS are installed and synchronized to the tree. For details, 
see "Verifying LSM Installation" in the OES 11 SP3: Novell CIFS for Linux Administration Guide. 


* Log in to the CIFS server and attempt to access the data. 
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21.1 


21.1.1 


Migrating DHCP to OES 11 SP3 


Migration refers to the process of migrating the Novell DHCP Services running on NetWare or Open 
Enterprise Server (OES) 2 to OES 11. 


For general information about the OES 11 Migration Tool, see Chapter 1, “Overview of the Migration 
Tools,” on page 15. 

¢ Section 21.1, “Migrating DHCP from NetWare to OES 11 SP3,” on page 175 

« Section 21.2, “Migrating DHCP to OES 11 SP3,” on page 185 


Migrating DHCP from NetWare to OES 11 SP3 


In these sections, the NetWare server is referred to as the source server and the OES 11 SP3 server 
as the target server. 

* Section 21.1.1, “Migration Requirements," on page 175 

* Section 21.1.2, “Migrating DHCP,” on page 176 

¢ Section 21.1.3, "Migration Scenarios," on page 183 

* Section 21.1.4, “Migrating a Cluster," on page 184 

¢ Section 21.1.5, “Post-Migration Procedures,” on page 184 

¢ Section 21.1.6, “Verifying the Migration,” on page 185 


Migration Requirements 


Make sure your setup addresses the following requirements before you migrate DHCP to the new 
platform. 


C] An eDirectory integrated DHCP server installed and configured on the target machine. This 
takes care of the schema extension on the target server tree and the creation of the dhcpLocator 
and DHCPGroup objects. 


C] The user running DHCP Migration requires read and write permissions on the target machine for 
the following folders: 


/opt/novell/migration/dhcpmigration/tmp 
/opt/novell/migration/dhcpmigration/dhcp 
Recommended: Run DHCP Migration as the root user. 


C] The target and source servers should have their time synchronized; otherwise, the leases might 
not function properly. 


C] Use the following source NetWare platform for the migration process: 
* NetWare 6.5 SP8 
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Migrating DHCP 
To migrate the DHCP Services, you can use the Migration Tool or the command line interface. 


* "Understanding the Migration Process" on page 176 
* "Using the Migration Tool to Migrate Servers" on page 177 


* "Using the Command Line to Migrate Servers" on page 182 


Understanding the Migration Process 


Ensure that you install the OES 11 SP3 server as the target server for the DHCP Services. For more 
information, see “Installing and Configuring DHCP " in the OES 11 SP3: Novell DNS/DHCP Services 
for Linux Administration Guide. 


During migration, the NetWare DHCP configuration objects are read and mapped to the 
corresponding configuration objects on Linux DHCP. This helps in retaining the same functionality 
after the migration process. 


C] Subnets: All the subnets associated with the NetWare DHCP server are migrated to the new 
platform. If there is at least one address range associated with the NetWare DHCP server inside 
the subnet, the subnet is migrated with all the associated address ranges. The subnet object is 
created inside the dhcpService object on Linux. After migration, the subnet is identified by its IP 
address. 


C] DHCP Server: You can specify the name of the DHCP server in the Server Name field under the 
Target Options tab. 


C] DHCP Service: During a server-level or tree-level migration, a dhcpService object is created on 
the target server corresponding to each source NetWare DHCP server. This is the container 
object that contains all the DHCP configuration data associated with DHCP server. The 
dhcpService object is created inside the context specified in the Service Context field during 
migration. The dhcpService object name can be specified in the Service Name field under the 
Target Options tab. 


For a subnet-level Migration, the subnets are created inside an existing dhcpService object on 
the target server. Specify the existing dhcpService object in the Service Context field. 


C] Address Range: After the migration process, all the address range objects are mapped to pool 
objects on Linux. 


C] Zone: After the migration, all the zone objects retain the same name as they had on the 
NetWare platform. Zone objects are also created inside the dhcpService object. 


C] Subnet Pool: On the Linux platform, subnet pools on NetWare are mapped to the Shared 
Network objects. 


C] IP Address (manual): All manually defined IP addresses are migrated as hosts inside the 
subnet object. The hosts are identified by their IP addresses. For example, if the address of an 
IP address object on NetWare is 1.1.1.1, on Linux it is identified as 1 1 1 1. 


C] IP Address (dynamic): Information on all the dynamically leased IP addresses is maintained at 
the /var/1ib/dhcp/db location. This lease file contains details for every IP address leased. 


C] Comments: Any comments that exist on the NetWare platform are not migrated to the Linux 
platform. 


C] Excluded Hardware Addresses: Excluded hardware addresses on NetWare after migration 
are mapped to class-excluded hosts on Linux. 
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C] Included Hardware Addresses: Included hardware addresses on NetWare after migration are 


mapped to class-included hosts on Linux. 


NOTE: If the name of any object contains a space, the space is replaced by an underscore " " during 


migration. 


Using the Migration Tool to Migrate Servers 
1 Open the Migration Tool GUI using the instructions in "Launch the Migration Tool Utility" on 
page 45. 
2 Follow the Migration Process to start the process. 
3 Click Add in the Services to Migrate panel, then select the Novell DHCP Service. 


Add Services 
Service Name 


File System 
Novell FTP 

Novell NTP 
Novell iPrint 


Novell DHCP Service 


| Ok | | Cancel 


4 Click OK, then click Configure. The DHCP configuration window displays. 
5 DHCP provides migration at the following levels: 

* "Server Level" on page 179 

+ “Subnet Level” on page 181 


* "Tree Level" on page 182 


Configuring DHCP Options 
The DHCP configuration window consists of three tabs: 


* Source Options 
* Target Options 


* Reverse Zone Selection 


Source Options 


This tab lets you choose the level of migration that you want to use: 


* Server Level 
* Subnet Level 
* Tree Level 
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Target Options 


This tab lets you choose the DHCP options for each level of migration. The following table lists the 
fields in the target options tab: 


Table 21-1 DHCP Configuration fields 


Field Description 

Server Context Context of the target DHCP server object. 

Server Name Name of the target DHCP server object. 

Service Context Context of the target DHCP service object. 

Service Name Name of the target DHCP service object. 

Locator Object Distinguished name of the dhcpLocator object in the target tree. 

Group Object Distinguished name of the DHCPGroup object in the target tree. 

Lease file location Lease file name with absolute file path where the NetWare DHCP dynamic leases 


are migrated. 


Reverse Zone Selection 


Reverse zones are used for reverse lookups. It finds the DNS name associated with the IP address. 
Use this tab to select the available reverse zones on the source to be migrated to the target. 


NOTE: The forward zones associated with a subnet in a DDNS setup are automatically migrated. The 
forward zones are not required to be selected exclusively in this scenario. 


The following table lists the fields in the DHCP configuration window: 


Table 21-2 DHCP Configuration fields 


Field Description 

Server DN The distinguished name of the DHCP server to be migrated. 

Subnet DN The distinguished name of the subnet to be migrated. 

Base DN The distinguished name of the container on the target tree where the configuration is 


to be migrated. 


NOTE: For tree-level and server-level migration, Base DN is a container such as 
Organization, Organization Unit, or Domain. 


For subnet-level migration, Base DN is a DHCP Service object only. When you 
browse for the Base DN, it appropriately displays all the available service objects. 


Locator DN The distinguished name of the dhcpLocator object in the target tree. 
NOTE: Not applicable for a subnet-level migration. 
Group DN The distinguished name of the DHCPGroup object in the Target tree. 


NOTE: Not applicable for a subnet-level migration. 
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Field 


Lease file 


Description 


on NetWare are mapped to a lease file entry in this file. 


NOTE: Not applicable for tree-level and server-level migration. 


Migration Methods 


You can choose to migrate DHCP services by any of the following methods: 


* Server Level 
* Subnet Level 


* Tree Level 


Server Level 


In the Server Level migration, the selected NetWare DHCP server is migrated to the OES 11 SP3 


server. You can choose to migrate only one server at a time. 


The path and file name for the leases to be migrated. All the dynamic IP addresses 


NOTE: Refer to Table 21-2 on page 178 for DHCP configuration field descriptions. 


1 In the Source Options tab of the DHCP migration window, select the Server level option. 


Target Options 


Source Options 


DHCP. Migration 


| Reverse zone selection | 


Select the level for Migration 


@ Server level 


Server DN 


(© Subnet level 


Subnet DN(s) 


© Tree level 


cn-DHCP. server o-novell 


| Fic | 


| @ Cancel | 


2 Click Browse to select the Server DN. 


Server DN: The Server DN is the distinguished name of the server to be migrated. You can 


browse to the Source tree (only containers and server objects are displayed) to locate the server 
to be migrated. Select the server object and click OK. If the selected object is not a DHCP server, 


then a warning is displayed. 


3 In the Target Options tab, click Browse to select the Server Context. 
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DHCP Migration 


[ Source Options | Target Options | Reverse zone selection 


Specify the DHCP Options 


You can browse or specify the service or server name 


Server Context: 


Server Name: cn-DHCP server 


Service Context: 


Service Name: cn-Service 


Locator Object: cn- dhcpLocator, o - novell 


Group Object: cn 2 DHCPGroup, o 2 novell 


Lease file location: Jvarjlib/dhcp/db/dhcpd.leases 


Note: For Target on cluster path edit Lease File Location 


© Help Ol @ Cancel 


Click Browse to select the existing Server Name or add the new server name that you want to 
migrate. 


For more information, see “Server Management” in the OES 11 SP3: Novell DNS/DHCP 
Services for Linux Administration Guide. 


5 Click Browse to select the Service Context. 


6 Click Browse to select the existing Service Name or add the new service name that you want to 


migrate. 


7 Click Browse to select the Locator Object. 


Click Browse to select the Group Object. 


9 Specify the Lease file location. 


10 


In the Reverse Zone Selection tab, select the reverse zones in Available Reverse Zones. Click 
Add to add all the selected zones. Use the Ctrl key to select multiple zones. 
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DHCP Migration 


[ Source Options T Target Options I Reverse zone selection 


Select the reverse zones on the source to be migrated to the target 


Available Reverse Zones 


cn-118 1 198 IN-ADD 


Zones selected for migration 


Add »» 


«« Remove 


a 


il D> 
O Select All C] Select All 


@ Cancel | 


11 Click OK to complete the configuration. 


Subnet Level 


In the Subnet Level migration, the selected subnets associated with the NetWare DHCP server are 
migrated to the OES 11 SP3 server. The subnet objects are created inside the dhcpService object on 
the Linux server. After migration, the subnet is identified by its IP address. You can choose to migrate 
multiple subnets at a time. 


NOTE: See Table 21-2 on page 178 for DHCP configuration field descriptions. 


1 In the Source Options tab of the DHCP migration window, select the Subnet Level option. 
2 Click Browse to select the Subnet DN(s). Use the Ctrl key to select multiple subnets. 
Subnet DN(s): The Subnet DN is the distinguished name of the subnets to be migrated. 


You can browse to select one or more subnets. The selected subnets are displayed in the list 
box. If an incorrect container is selected, then a warning is displayed. 


3 In the Target Options tab, click Browse to select the Service Context. 
4 Click Browse to select the existing Service Name that you want to migrate. 


The Server Context, Server Name, Locator Object, and Group Object options are not applicable 
for subnet level migration. 


5 Specify the Lease file location. 


6 In the Reverse Zone Selection tab, select the reverse zones in Available Reverse Zones. Click 
Add to add all the selected zones. Use the Ctrl key to select multiple zones. 


7 Click OK to complete the configuration. 
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Tree Level 


In the Tree Level migration, all the NetWare DHCP servers in the tree are migrated to the OES 11 
SP3 server. 


NOTE: See Table 21-2 on page 178 for DHCP configuration field descriptions. 


1 In the Source Options tab of the DHCP migration window, select the Tree Level option. 


2 In the Target Options tab, click Browse to select the Server Context. 


wo 


Click Browse to select the Service Context. 

The Server Name and Service Name options are displayed by default, but they are disabled. 
Click Browse to select the Locator Object. 

Click Browse to select the Group Object. 

Specify the Lease file location. 


N © oF A^ 


Click OK to complete the configuration. 


Using the Command Line to Migrate Servers 


1 Torun the DHCP migration utility through the command line, run /opt /novell/migration/bin/ 
migdhcp with the following parameters: 
Option Description 
-h Print this summary. 


-k Level of migration (subnet|tree|server). 


-i Verbose mode - on or off. 


-d Debug mode - on or off. 

-S IP address of the source LDAP server. 

-p Port number of the source LDAP server. 

-a DN of the admin user in the source tree. 

t IP address of the target LDAP server. 

-q Port number for the target LDAP server. 

-b DN of the admin user in the destination tree. 


-l DN of the dhcpLocator object in the destination tree (required only for server-level or tree-level 


migration). 

-g DN of the DHCPGroup object in the destination tree (required only for server-level or tree-level 
migration). 

-e DN of the server to be migrated (required only for server-level migration). 

-n Base DN for the server on the destination tree. 

-m Base DN for the service on the destination tree. 

-r 1 for source SSL bind, O for source non-SSL bind. 

-u 1 for destination SSL bind, O for destination non-SSL bind. 
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21.1.3 


Option Description 


-f Absolute path of the file containing the DNs of the subnets that you want to migrate (required 
only for subnet-level migration). Enter the subnet DNs in the following format: 


cn=subnet1,o=novell 
cn=subnet2,ou=novel1,o=novell 


cn=subnet3,ou=novell2,o=novell 


-C Absolute path of the file where you want to store the lease file information. 

-E DHCP server object name on the Target server (required only for server-level migration). 
-S DHCP service object name on the Target server (required only for server-level migration). 
-Z Full path of the file containing the Reverse Zone DNs. 


Examples for Command Line Migration 


Tree Level: /opt/novell/migration/bin/migdhcp.sh -k tree -i on -d on -s 
192.168.13.1 -p 636 -a cn-admin,o-novell -t 182.155.13.8 -q 636 -b 
cn-admin,o-novell -1 cn=dhcpLocator,o=novell -g cn-DHCPGroup,o-novell -n 
o=novell -r 1 -u 1 


Server Level: /opt/novell/migration/bin/migdhcp.sh -k server -i on -d on -s 
192.168.13.1 -p 636 -a cn=admin,o=novell -t 182.155.13.8 -q 636 -b 
cn-admin,o-novell -1 cn=dhcpLocator,o=novell -g cn-DHCPGroup,o-novell -e 
cn=DHCP_SERVER, o=novell -n o=novell -r 1 -u 1 


Subnet Level: /opt/novell/migration/bin/migdhcp.sh -k subnet -i on -d on -s 
192.168.13.1 -p 636 -a cn=admin,o=novell -t 182.155.13.8 -q 636 -b 
cn-admin,o-novell -n cn-DHCPService,o-novell -r 1 -u 1 -f /somelocation/ 
filewithsubnetdns -c /somelocation/filename 


Migration Scenarios 


DHCP migration supports two scenarios: 


* "Transfer ID" on page 183 

* "Consolidation" on page 184 
For more information about these scenarios, see "Support Matrix for NetWare and OES Services" on 
page 18. 


Transfer ID 


In this scenario, the identity of the target server is swapped with the source server. The IP address 
and the machine name of the target server change to the source IP address and machine name. The 
target should be installed in the same tree as the source server. The target should be a non-replica 
server. 


Based on the level of migration (subnet, server, or tree), the configuration objects are created for the 
Linux DHCP server on the target tree inside the dhcpService object created during migration. 
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21.1.4 


21.1.5 


Consolidation 


In this scenario, the configuration data associated with the source server is associated with a single 
target server. DHCP Consolidation migration can be performed at the tree, server, or subnet-level. 


Migrating a Cluster 


There are two scenarios for migrating clusters: 


* "NetWare and Linux Clusters Attached to the Same Tree" on page 184 


* "NetWare and Linux Clusters Attached to Different Trees" on page 184 


NetWare and Linux Clusters Attached to the Same Tree 


Run the Migration Tool from one of the Linux nodes. Perform the tree-level migration with the source 
and target servers on the same tree. 


This ensures that all NetWare DHCP configuration data is available for Linux DHCP. 


In this scenario, both the NetWare server and the OES 11 SP3 server are on the same eDirectory 
tree. The NetWare source server must be running NetWare 6.5 SP8. The Linux target server must be 
running SUSE Linux Enterprise Server (SLES) 11 SP4 with OES 11 SP3 on 64-bit hardware. 


NetWare and Linux Clusters Attached to Different Trees 


Run the Migration Tool from one of the Linux nodes. Perform the tree-level migration with the source 
server (the tree to which NetWare clustered nodes are attached) on one tree and the target server 
(the tree to which the Linux clustered nodes are attached) on another tree. 


This ensures that all NetWare DHCP configuration data is available for Linux DHCP. 


In this scenario, the NetWare server and the OES 11 server are on different eDirectory trees. The 
NetWare source server must be running NetWare 6.5 SP8. The Linux target server must be running 
SUSE Linux Enterprise Server (SLES) 11 SP4 with OES 11 on 64-bit hardware. 


Post-Migration Procedures 


1 Inthe /etc/dhcpd. conf file, change 1dap-base-dn to reflect the context of the migrated DHCP 
Server and change 1dap-dhcp-server-cn to reflect the name of the migrated DHCP Server. 


2 Check the lease file at the /var/1ib/dhcp/db/dhcpd.1leases folder. 


3 To use DDNS after a subnet-level migration, add the following settings to the DHCP Server 
Object: 


* ddns-rev-domainname in-addr.arpa 
* ddns-update-style interim 

* client-updates deny 

* update-optimization false 


NOTE: DDNS updates are required only when you migrate to an existing DHCP server. 
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4 Start the OES 11 DHCP server by using the rcnovell-dhcpd start command. 


5 Continue with "Cluster Migration from NetWare to Linux" on page 185 and "Running a 
Preexisting DHCP Server" on page 185 as necessary. 


Cluster Migration from NetWare to Linux 


On the node where you ran the migration: 


1 Open the «mountpath»/etc/dhcpd. conf file. 


The <mountpath> parameter indicates the target directory in the shared volume where DHCP- 
specific directories are created. 


Inside the /etc/dhcpd. conf file, which is located in the shared volume, change the /dap-dhcp- 
server-cn attribute to the migrated server cn. 


2 Copy the migrated server.leases file from the /var/lib.dhcp/bd folder to the <mountpath> var/ 
lib/dhcp/db/ folder and rename it to dhcpd. leases. 


Running a Preexisting DHCP Server 


After migration, the DHCP server and service objects are created in the tree. You can run a 
preexisting DHCP server along with the migrated NetWare server's configuration. 

1 Login to the tree by using Java Management Console. 

2 Click the DHCP (OES Linux) tab. 


3 From the left pane in the Java Management console, select the service object that was created 
after migrating the NetWare server. 


4 Associate this service object with the existing DHCP server. 


211.6 Verifying the Migration 


To verify the migration, use Java Console to go to the destination tree and locate the DHCP Server 
object and the corresponding DHCP Service object. All the DHCP server configuration is stored 
inside the corresponding DHCP Service object. 


Verify that leases are present: 


C] For a tree-level, server-level, or subnet-level migration, the lease file name and location are 
provided by the user. Ensure that the expected files are present in the specified location. 


212 Migrating DHCP to OES 11 SP3 


In this section, the source server refers to an OES 2 SP3, or OES 11 server and the target server 
refers to an OES 11 SP3 server. 

¢ Section 21.2.1, “Planning Your Migration,” on page 186 

* Section 21.2.2, "Migration Scenarios,” on page 186 

* Section 21.2.3, "Post-Migration Procedure," on page 188 

¢ Section 21.2.4, “Verifying the Migration,” on page 188 
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21.2.1 


21.2.2 


Planning Your Migration 


Make sure your setup addresses the following requirements before you migrate DHCP to the new 
platform. 
* "Requirements" on page 186 


¢ "Supported Platforms” on page 186 


Requirements 


* An eDirectory integrated DHCP server installed and configured on the target machine. This 
takes care of the schema extension on the target server tree and the creation of the dhcpLocator 
and DHCPGroup objects. 


+ |f the target server is in a different subnet, ensure that you create a subnet in the target server 
before migration. 


Supported Platforms 


The following platforms are valid source platforms for the migration process: 


* OES2 SP3 
* OES 11 

* OES 11 SP1 
* OES 11 SP2 
* OES 11 SP3 


Migration Scenarios 


To migrate DHCP to the new platform, you can use the Java Management Console. During migration, 
the configuration details as well as the data are migrated to the destination platform. 


NOTE: To enable DHCP to autostart after a successful migration, execute the chkconfig -a dhcpd 
command on the source server. 


* "Migrating Servers within the Same eDirectory Tree" on page 186 


* "Migrating Servers Across eDirectory Trees" on page 187 


Migrating Servers within the Same eDirectory Tree 


1 Launch Java Console. 
2 Select the service container object that you want to migrate to the target DHCP server. 


3 From the Default DHCP Server list in the General Tab, select the DHCP server object of the 
target machine. 


4 Click Save. 


5 Migrate the DHCP leases from OES 2 SPx to OES 11. To migrate the DHCP leases, copy the / 
var/lib/dhcp/db/dhcpd.1leases file from the source OES 2 server to the corresponding 
location in the OES 11 server. 
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6 Perform Transfer ID. For more information, see Part IV, "Transfer ID Migration," on page 59. 


7 After this migration, proceed with performing the service-specific proxy migration. For more 
information, see "Migrating Proxy Users to OES 11 SP3" on page 261. 


Migrating Servers Across eDirectory Trees 


To migrate servers across eDirectory trees, you need to export the source server's DHCP 
configuration and import the DHCP configuration to the target server. 


The import and export operation is used to transfer the DHCP service configuration from files into 
eDirectory or from eDirectory to a text file in a dhcpd. conf format respectively. Only Linux DHCP 
configuration files should be used to import or export the DHCP configuration. 


NOTE: Before importing a DHCP configuration file, check the syntax of the file with the xcnovell- 
dhcpd check-syntax command. The command reads /etc/dhcpd.conf and checks the syntax. 


+ “Exporting the DHCP Configuration" on page 187 
* "Importing the DHCP Configuration" on page 187 
* "Migrating DHCP Leases from OES 2 SP3 or OES 11 to OES 11 SP3" on page 188 


Exporting the DHCP Configuration 


The file is exported in a dhcpd.conf format. These files can be imported anywhere and can also be 
imported back to eDirectory by using the DNS/DHCP Java-based Management Console Utility. 


1 Click the DHCP (OES Linux) tab of the Java Management Console. 
2 Click =} Export DHCP Database on the toolbar to open the Export - DHCP window. 


3 Specify the name of a destination file or browse to select a file name from the dialog box, then 
click Next. 


4 Select the services by using the Export DHCP - Service List window. 
5 Click Export to store your information in a file. 
6 Click Finish to complete the export. 


If the export program encounters any error, the Details button is enabled in the error window. 
Click Details to view the error details. 


Importing the DHCP Configuration 


The configuration file to import should be in DHCP V3 format. Importing the Linux DHCP 
configuration file overwrites the associated DHCP server's settings. 


To import the DHCP files: 
Click the DHCP (OES Linux) tab of the Java Management Console. 


Click =| Import DHCP Database on the toolbar. 
Click Browse to select or specify the path for the DHCP database file. 


1 

2 

3 

4 Click Next to open the Import - File Input window. 

5 Specify the service name in the Service Name text box. 
6 


In the Select NDS Context text box, browse to select or enter the context where the service is to 
be created. 
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7 (Optional) Select a Default DHCP Server from the drop-down list. 
8 Click Import. 


9 Click Finish to complete the import operation. 


If the import program encounters any error, the Details button is enabled in the error window. Click 
Details to view the error details. 


Migrating DHCP Leases from OES 2 SP3 or OES 11 to OES 11 SP3 


To migrate the DHCP leases from OES 2 SP3 or OES 11 to OES 11 SP3, copy the /var/1lib/dhcp/ 
db/dhcpd. leases file from the source OES 2 server to the corresponding location in the OES 11 
server. 


212.3 Post-Migration Procedure 


1 In the /etc/dhcpd.conf file, change Idap-base-dn to reflect the context of the migrated DHCP 
Server and change Idap-dhcp-server-cn to reflect the name of the migrated DHCP Server. 


21.2.4 Verifying the Migration 


1 Check the syntax of the dhcp configuration file with the rcnovell-dhcpd check-syntax command. 
The command reads /etc/dhcpd.con£ and checks the syntax. 


2 Startthe target OES 11 server dhcp server using the following command: 
rcnovell-dhcpd start 


3 Verify the /var/1og/dhcp-ldap-startup.1log file to check the dhcp configuration of the 
migrated server. 
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22.1 


22.1.1 


Migrating DNS to OES 11 SP3 


Migration refers to the process of migrating DNS services to OES 11 SP3. 


¢ Section 22.1, “Migrating DNS from NetWare to OES 11 SP3,” on page 189 
¢ Section 22.2, “Migrating DNS to OES 11 SP3,” on page 191 


Migrating DNS from NetWare to OES 11 SP3 


In these sections, the NetWare server is referred to as the source server and the OES 11 SP3 server 
as the target server. 


The following sections give you more information on the prerequisites and the procedure to migrate 
source servers based on different scenarios: 


¢ Section 22.1.1, “Planning Your Migration,” on page 189 
¢ Section 22.1.2, "Migration Scenarios,” on page 190 

* Section 22.1.3, "Migration Procedure," on page 190 

¢ Section 22.1.4, "Post-Migration Procedure,” on page 191 


Planning Your Migration 


Make sure your setup addresses the following requirements before you migrate DNS to the new 
platform: 


¢ “System Requirements" on page 189 
¢ "Supported Platforms” on page 190 


* "Coexistence" on page 190 


System Requirements 


C] An eDirectory integrated DNS server is installed on the target machine. 


NOTE: In a Server ID Swap scenario, do not select the Create DNS Server option. This avoids 
the creation of the DNS server for the temporary NCP server. So when migration is completed, 
the existing DNS server objects are considered. 


C] Schema extension is already done on the destination server tree and DNS-DHCP Group, and 
the RootServerlnfo and DNS-DHCP Locator objects are created. 


C] The user running the migration process should have rights to update files on the target machine. 
This user should also be included in the DNS-DHCP group in eDirectory. 
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22.1.2 


22.1.3 


Supported Platforms 
The following platforms are accepted as valid source platforms for the migration process: 


O NetWare 6.5 SP8 


Coexistence 
OES 11 can coexist with the following operating systems: 


* NetWare 6.5 SP6 
* SLES 11 SP1 and later 


Migration Scenarios 


To migrate DNS to the new platform, you can use the Java Management Console. During migration, 
the configuration details as well as the data are migrated to the destination platform. 


* "Migrating Servers within the Same eDirectory Tree" on page 190 


* "Migrating Servers across eDirectory Trees" on page 190 


Migrating Servers within the Same eDirectory Tree 


In this scenario, both the NetWare server and the OES 11 SP3 server are on the same eDirectory 
tree. 


Migrating Servers across eDirectory Trees 


In this scenario, the NetWare server and the OES 11 SP3 server are on different eDirectory trees, so 
the migration is across the trees. 


Depending on your setup, you can choose to migrate a single server at a time or migrate all the 
servers at the same time. 


Migration Procedure 


* "Using Java Console to Migrate Servers within the Same eDirectory Tree" on page 190 
* "Using Java Console to Migrate Servers across eDirectory Trees" on page 191 


Using Java Console to Migrate Servers within the Same eDirectory 
Tree 


1 Launch Java Console. 


2 Identify the source NCP server and the corresponding DNS server object that should be 
migrated to the target server. 


The server and the server object will no longer exist on the NetWare server after migration. Make 
sure that the DNS Service is not running on this source NCP server. 


To stop the service, see "Stopping the DNS Server” in the OES 11 SP3: Novell DNS/DHCP 
Services for Linux Administration Guide. 
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3 Use Java Console to move the source DNS server. This task also migrates the primary zones in 
the tree. 


For information about moving the DNS server, see "Moving a DNS Server” in the OES 11 SP3: 
Novell DNS/DHCP Services for Linux Administration Guide. 


Using Java Console to Migrate Servers across eDirectory Trees 


1 In Java Console, create the DNS server object. For more information, see the OES 11 SP3: 
Novell DNS/DHCP Services for Linux Administration Guide. 


2 On the OES 11 server, create a secondary zone and specify the zone master IP address as the 
IP address of the NetWare server where the primary zone exists. After the initial zone transfer, 
change the zone on the source NetWare server to secondary and make the zone on the target 
server the primary server. 

Migrate primary zones on the OES 11 SP3 server by creating a secondary zone and specifying 
the zone master IP address as the IP address of the NetWare/OES server where the primary 
zone exists. 


3 Load the DNS servers on the primary and secondary server to initiate the zone transfer. 


4 After the initial zone transfer, change the zone on the source NetWare server to secondary and 
make the zone on the target server to the primary server zone. 


5 To migrate secondary zones, create a secondary zone on the Linux server and specify it to be 
the secondary zone to the target primary zone that is on the OES 11 server. Ensure that both the 
primary and the secondary zones use the same name. This is essential for a successful zone 
transfer. 


NOTE: This method of migration is limited to migrating the zone data only. 


221.4 Post-Migration Procedure 


1 Use the Java Management Console to check for the existence of the following objects: 
* DNS-DHCP 
* DNSDHCP-GROUP 
+ RootServerlInfo 
* DNS Server object 


2 Load novell-named using the rcnovell-named start command and check to see if the /etc/ 
opt/novell/named/named.conf file contains zone database files with valid information. 


3 Use the nslookup utility to query for records in zones. 
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In these sections, the OES 2 SP3 or OES 11 server is referred to as the source server and the OES 
11 SP3 server as the target server. 


* Section 22.2.1, “Planning Your Migration,” on page 192 
* Section 22.2.2, "Migration Scenarios," on page 192 
* Section 22.2.3, "Post-Migration Procedure," on page 194 
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22.2.1 


22.2.2 


Planning Your Migration 


Make sure your setup addresses the following requirements before you migrate DNS to the new 
platform. 


System Requirements 


* An eDirectory integrated DNS server is installed on the target machine. 


NOTE: During DNS installation, do not select the Create DNS Server option. This avoids the 
creation of the DNS server for the temporary NCP server. So when migration is completed, the 
existing DNS server objects are considered. 


* Schema extension is already done on the destination server tree and DNS-DHCP Group, and 
the RootServerlnfo and DNS-DHCP Locator objects are created. 


Supported Platforms 


The following platforms are accepted as valid source platforms for the migration process: 


* OES2 SP3 
* OES 11 

* OES 11 SP1 
* OES 11 SP2 
* OES 11 SP3 


Migration Scenarios 


To migrate DNS to the new platform, you can use the Java Management Console. During migration, 
the configuration details as well as the data are migrated to the destination platform. 


Migrating Servers within the Same eDirectory Tree 


1 Launch Java Console. 


2 Identify the source NCP server and the corresponding DNS server object that should be 
migrated to the target server. 


The server and the server object will no longer exist on the OES 2 server after migration. Make 
sure that the DNS Service is not running on this source NCP server. 


To stop the service, see "Stopping the DNS Server” in the OES 11 SP3: Novell DNS/DHCP 
Services for Linux Administration Guide. 

3 Use Java Console to move the source DNS server. This task also migrates the primary zones in 
the tree. 
For information about moving the DNS server, see "Moving a DNS Server” in the OES 11 SP3: 
Novell DNS/DHCP Services for Linux Administration Guide. 


4 After this migration, proceed with performing the service-specific proxy migration. For more 
information, see "Migrating Proxy Users to OES 11 SP3" on page 261. 
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Using Java Console to Migrate Servers across eDirectory Trees 


You can migrate DNS across eDirectory trees by exporting the DNS database from the source server 
and importing the database to the target server. 


Exporting the DNS Database 


The export DNS database operation transfers the resource record data of a zone to a text file. The 
text file is in the DNS BIND master file format. These files can be used in other DNS servers, 
including BIND servers, or they can be imported back into the eDirectory database using the DNS/ 
DHCP Java-based Management Console. 


1 In the DNS Service window, select the zone you want to export, then click Export DNS Database 
on the toolbar. 


2 In the Export - DNS window, enter the name of a destination file or browse to select a file name 
from the dialog box. 


3 Click Export to store your zone data in a file. 


4 If the export program encounters any error, the Details button is enabled. Click Details to view 
the error details. 


Importing the DNS Database 


The import DNS database operation transfers resource record data present in the BIND formatted 
DNS zone files into the eDirectory database. 
1 In the DNS Service tab, click Import DNS Database on the toolbar. 


2 Enter the DNS BIND formatted file name in the field provided. You can also browse to select the 
file name from the File Selection dialog box. 


3 Click Next to select the context where the zone objects will be created. 
4 Click Next to select the server name that manages the zone. 


You can select an existing DNS server or an NCP server, where the DNS server object will be 
created. The selected DNS server must have the DNS/DHCP services installed in it. 


If you select the zone type as primary, this DNS server will act as a designated primary. If you 
select the zone type as secondary, this DNS server will act as a designated secondary. If you do 
not want to assign a DNS server for this zone, leave this field empty. 


5 Click Next to specify the zone type. 


If you select the zone type as primary, Novell DNS servers act as primary servers for this zone. If 
you select secondary, servers act as secondary DNS servers. 


6 Click Next to view the configuration that you selected. 
7 Click Import to begin importing with this configuration. 


If the import program encounters any error, the Details button is enabled. Click Details to view 
the error details. Some resource records might not have been transferred because of incorrect 
data. Click Create on the toolbar to recreate these resource records. 


8 Click Finish to complete the import operation. 
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222.3  Post-Migration Procedure 


1 Use the Java Management Console to check for the existence of the following objects: 
* DNS-DHCP 
* DNSDHCP-GROUP 
+ RootServerlInfo 
* DNS Server object 


2 Load novell-named using the rcnovell-named start command and check to see if the /etc/ 
opt /novell/named/named.conf file contains zone database files with valid information. 


3 Use the nslookup utility to query for records in zones. 
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23.1 


23.1.1 


23.1.2 


Migrating DSfW to OES 11 SP3 


This section describes how to migrate DSfW to an OES 11 SP3 environment. DSfW on OES 11 
supports the migration of DSfW servers existing on a 32-bit OES 2 server to an OES 11 SP3 server. 


NOTE: The migration procedure described in this section is applicable only for the migration of an 
OES server acting as a DSfW server. 


Before you proceed with the migration, review Section 17.1, “Planning Your Migration,” on page 143. 


¢ Section 23.1, “Planning Your Migration,” on page 195 
¢ Section 23.2, "Migration Procedure,” on page 196 
* Section 23.3, "Post-Migration Procedure,” on page 198 


Planning Your Migration 


Make sure your setup addresses the following requirements before you migrate DSfW: 


* Section 23.1.1, "Supported Platforms," on page 195 
* Section 23.1.2, "Prerequisites," on page 195 
* Section 23.1.3, "What Is Migrated," on page 196 


Supported Platforms 


Source Platforms 
The following platforms are valid source platforms for the migration process: 


* OES 2 SP3 
* OES 11 

* OES 11 SP1 
* OES 11 SP2 
* OES 11 SP3 


Target Platform 


* OES 11 SP3 


Prerequisites 


Before you proceed with the migration, review the details in Section 9.1, "Prerequisites," on page 61. 
For a successful migration: 


* The source server and the target server must be in the same eDirectory tree. 
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23.1.3 


23.2 


* Ensure that the time is synchronized between the source and the target server. 
* The source and target servers must be in the same subnet and gateway. 


* The target server must be a non-replica server in the eDirectory tree. To make the target server a 
non-replica server, select the Novell Pre-migration Server option while installing OES 11 SP3 on 
the target server. 


* The target server DNS entry must point to the DSfW source server IP address. 
* Host name of the target server should not be the same as any other server in the DSfW tree. 


What Is Migrated 


* DSfW configuration data present in eDirectory. 
* Configuration files for DSfW services such as kerberos, samba, xad, and rsync. 


* Non-DSfW services such as iPrint and NSS. Non-DSfW services need to be migrated according 
to the migration procedure for a particular service. 


Migration Procedure 


DSfW migration follows the Transfer ID migration process. For more information, see Part IV, 
"Transfer ID Migration," on page 59. 


IMPORTANT: Ensure that you do not patch or register the migration server for updating before 
installing the Novell Pre-migration Server pattern and the DSfW pattern. 


To perform the migration: 
1 Install and configure eDirectory with the pre-migration pattern on the target server. 
NOTE: Ensure that the target server is installed only with eDirectory and the Novell pre- 


migration pattern. Novell pre-migration and the eDirectory pattern must be installed using the 
Software Management tool provided by the YaST utility. 


If services such as iPrint, NSS, and SMS are configured on the DSfW server that is migrated, 
then configuration data related to these services will also be migrated as part of the DSfW 
migration process. However, migration of service?specific data needs to be migrated according 
to the migration procedure for a particular service. For information on migrating iPrint, see 
Chapter 27, “Migrating iPrint to OES 11 SP3,” on page 223. For information on migrating NSS, 
see Chapter 16, “Migrating File Systems to OES 11 SP3,” on page 97. 


2 If the source server has proxy user configured for services such as LUM, see Chapter 32, 
“Migrating Proxy Users to OES 11 SP3,” on page 261. 


3 Install the DSfW pattern on top of the preexisting patterns on the target server, but do not 
configure it. 


4 Reboot the target server. 

5 Ensure that you have copied the SSH keys in order to avoid multiple password prompts: 
5a Enable SSH on the source server and the target server. 
5b Enter the 4 ssh-keygen -t rsa command on the target server. 
5c When you are prompted to enter the file in which to save the key, press Enter. 


The ssh keys are stored in the default location (/root/.ssh/id_rsa). 
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5d When you are prompted to enter the passphrase, leave it empty for no passphrase, then 
press Enter. 


5e Copy the key value (the output of the  ssh-keygen -t rsa command) to the source 
server using the following command: 


ssh-copy-id -i /root/.ssh/id rsa.pub rootesource-ip-address 
Where -i /root/.ssh/id rsa.pub is the output of the # ssh-keygen -t rsa command. 
Replace <source-ip-address> with the IP address or the hostname of the source server. 


6 Run the DSfW migration script on the target server. The purpose of this script is to migrate the 
DSfW-specific data to the target server. 


./opt/novell/xad/sbin/migrate dsfw.pl --source-source-ip --all 
The migration script invokes the miggui tool. 


The Transfer ID operation migrates eDirectory, LUM, and other associated services of the 
source server. For more information, see Section 10.4, "Select the Source and Target Server 
and the Migration Type," on page 67. 


7 Reboot the target server. 


8 After you reboot the server, you are prompted to configure additional features such as WINS and 
Sites. This can be done using the DSfW Feature Configuration Wizard. 


IMPORTANT: You are prompted to configure these features only once. If you fail to configure 
these features during the first instance, you will not be able to configure these features later. 


Enter the authentication details in the login dialog box, depending on the scenario in which you 
are provisioning, then click OK. 


Provisioning Scenario Authentication Details Required 

Non-name-mapped, forest root domain The current domain credentials. 

Name-mapped, forest root domain The current domain credentials and the tree admin 
credentials. 

Non-name-mapped child The current domain credentials, the parent domain 
credentials, and the tree/container admin 
credentials. 

Name-mapped child The current domain credentials, the parent domain 
credentials, and the tree/container admin 
credentials. 

Additional Domain Controller The current domain credentials and the tree admin 
credentials. 


IMPORTANT: If you are installing a first-level child domain in a non-name-mapped scenario, the 
tree admin and the parent domain credentials are the same. 


9 Select the feature that you want to configure, then click Next. 


10 On the task list page, click Run to manually execute a task or click Run All to execute all the 
tasks sequentially without any manual intervention. 


11 After you finish executing the DSfW Feature Configuration Wizard, verify that all of the daemons 
are up and running by executing the following command: 


xadcntrl status 
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12 Run the following command to verify if the schema has been extended, rights on the domain 
controller objects have been added, and the unique domain id on the domain root has been 


added. 


/opt/novell/xad/sbin/domaincntrl --preps 


23.3 Post-Migration Procedure 


After the migration procedure has completed, you need to manually cleanup certain eDirectory 
objects. For more information, follow the instructions specified in Chapter 13, "Post Transfer ID 


Migration," on page 81. 
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24.1 


24.1.1 


24.1.2 


24.1.3 


24.2 


Migrating LUM to OES 11 SP3 


This section describes how to migrate LUM from an OES 2 or OES 11 environment to OES 11 or OES 
11 SP3. 


* Section 24.1, "Planning the Migration,” on page 199 


¢ Section 24.2, "Migration Scenarios," on page 199 


Planning the Migration 


Make sure your setup addresses the following requirements before you migrate LUM to the 
destination platform: 


¢ Section 24.1.1, "Source Servers,” on page 199 
¢ Section 24.1.2, "Target Servers,” on page 199 
¢ Section 24.1.3, “Prerequisite,” on page 199 
Source Servers 
* OES2 SP3 
* OES 11 
Target Servers 


* OES 11 SP3 


Prerequisite 


+ |f the source server is OES 2 SP2, the proxy credential retrieval binary (32 or 64 bit) for LUM 
(lum retrieve proxy cred) should be copied to the /usr/bin folder on the source server. 


Migration Scenarios 


The following scenarios are supported for LUM migration: 
* Common Proxy Migration: If LUM is configured to use common proxy, see "Services that Are 
Using Common Proxy" on page 261. 


* Service-Specific Migration: If LUM is configured to use service-specific proxy, see "Services 
that Are Using Service-Specific Proxy" on page 263. 


* Transfer ID Migration: If LUM is not configured to use proxy user, see Part IV, "Transfer ID 
Migration," on page 59. 


For common proxy and service-specific proxy migration scenarios, you must also do a Transfer ID 
migration. Transfer ID migration affects changes such as setting the nam configuration and mapping 
the target server with the existing eDirectory users and groups. 
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Migrating FTP to OES 11 SP3 


Migration refers to the process of migrating FTP services from a NetWare, OES 2, OES 2 SP3, or 
OES 11 server to a OES 11 SP3 server. The Open Enterprise Server (OES) migration tools follow a 
source/target model. The following sections give you more details on the migration procedure for 
FTP. 


* Section 25.1, “Migrating FTP from NetWare to OES 11 SP3,” on page 201 
¢ Section 25.2, “Migrating FTP to OES 11 SP3,” on page 204 


25.1 Migrating FTP from NetWare to OES 11 SP3 


This section describes how to migrate FTP from NetWare or OES to OES 11 SP3. 


25.1.1 Planning the Migration 


Make sure your setup addresses the following requirements before you migrate FTP to the 
destination platform: 


¢ “System Requirements” on page 201 
* “Source Servers” on page 201 


* "Target Server" on page 201 


System Requirements 


* Pure-FTPd 


Source Servers 


* NetWare 6.5 SP8 


Target Server 


* OES 11 SP3 


25.12 Migration Scenarios 


The following scenarios are supported for FTP migration: 


* Consolidation on the Same Tree 
* Consolidation on a Different Tree 
* Transfer ID on the Same Tree 
For details on these three scenarios, see Section 1.3, "Migration Scenarios," on page 16. 
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25.1.3 


Prerequisites 


For all three scenarios, eDirectory should be running so that eDirectory users can log in. 


What Is Migrated 


When the migration is complete, the FTP parameters on NetWare are mapped to the corresponding 
parameters in Pure-FTPd on Linux. For details on mapped parameters, see Table 25-1 on page 203. 


Migrating FTP 


Migration of the FTP configuration can be done from the Migration Tool or through the command line 
interface. 


NOTE: Before you start the Pure-FTPd server, ensure that eDirectory is up and running on the target 
server. This is to ensure that all the eDirectory users can be used for Pure-FTPd access. For the 
Server ID Swap, all eDirectory objects are migrated as part of the DIB migration step. For more 
information about eDirectory migration, see Appendix 17, “Migrating eDirectory to OES 11 SP3,” on 
page 143. 


* "Using the Migration Tool" on page 202 


* "Using the Command Line" on page 202 


Using the Migration Tool 


1 Launch the Migration Tool in one of the following ways: 
Desktop: Click Computer > More Applications > System > Novell Migration Tools. 
Terminal: Log in as the root user and at a terminal prompt, enter miggui. 

2 Configure the source and target parameters. 


For details on configuring source and target server information, selecting a migration type, and 
the Open, Save Project, and all other tool buttons, see Chapter 2, "Overview of the Migration 
GUI," on page 21. 


3 Select Novell FTP from Services, then click Configure. The status now changes from Not 
Configured to Ready. 


4 When the status is Ready, click Start to start the migration process. 


The status changes from Migrating to Migrated. 


NOTE: Use the Status » Logs tab to check for errors during migration. Fix the errors and restart 
the migration procedure if necessary. 


Using the Command Line 


1 Run the FTP migration utility from the command line with the required parameters: 
migftp -s «source server» 
For example: 
migftp -s 192.168.1.54 


If the migration is successful, a message indicating success is displayed. 
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2 Start the eDirectory server to allow eDirectory users to log in. 
3 Start the FTP server by using the rcpure-ftpd start command. 


25.14  Post-Migration Procedure 


1 All the FTP services users must be LUM enabled. 


2 Map these parameters during the FTP migration from NetWare to Linux: 


Table 25-1 NetWare Linux FTP FTPd Mapping Parameters 


NetWare FTP Parameters Linux Pure FTPd Parameters 

SECURE CONNECTIONS ONLY TLS 

PASSIVE PORT MIN PassivePortRange 

PASSIVE PORT MAX PassivePortRange 

MAX FTP SESSIONS MaxClientsNumber 

HOST IP ADDR Bind 

FTP PORT Bind 

FORCE PASSIVE ADDR ForcePassivelP 

ANONYMOUS ACCESS AnonymousOnly 

IDLE SESSION TIMEOUT MaxldleTime 

DEFAULT USER HOME SERVER DefaultHomebDirectoryServer 

DEFAULT USER HOME DefaultHomeDirectory 

IGNORE_REMOTE_HOME EnableRemoteHomeDirectory 
Important: 


* If ANONYMOUS_ACCESS is commented irrespective of the value set to yes or no on the 
source server (NetWare), after migration the value set for AnonymousOnly on the target server 
(OES 11 SP3) is retained. 


For example, if ZANONYMOUS ACCESS-yes or ZANONYMOUS ACCESS-no is set on the 
source server and AnonymousOnly=yes or AnonymousOnly=no is set on the target server, the 
value set on the target server is retained after migration. 


If ANONYMOUS ACCESS is uncommented irrespective of the value set to yes or no on the 
source server (NetWare), after migration the value set for AnonymousOnly on the target server 
(OES 11 SP3) is overwritten with the value set on the source server. 


For example, if ANONYMOUS ACCESS-nois set on the source server and 
AnonymousOnly-yes is set on the target server, AnonymousOnly will be set to no after 
migration. 


* |f you use the BIND parameter in the NetWare ftpserv.cfg file, after migrating to OES, your 
FTP login will be blocked. This happens because FTP still tries to bind to the source IP address 
and port that you have specified in the NetWare £tpserv.ctg file. 
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25.2 


25.2.1 


25.2.2 


25.2.3 


To resolve this issue, change the IP address and port to that of an OES target server. This 
workaround is not required for a Transfer ID migration. 


* |f Passive Port Range on NetWare is not set or is less than twice the number of maximum 
allowed clients, after migrating to Linux, set the PassivePortRange to twice the 
MaxClientsNumber. 


For example, if you set MaxClientsNumber as 10, then set the PassivePortRange as 30000 
30020. 


* If SECURE CONNECTIONS ONLY is set in NetWare and an FTP migration certificate does not 
exist on Linux, a default FTP certificate (/etc/ssl/private/pure-ftpd.pem)is created, using 
either an eDirectory certificate (/etc/ssl/servercerts/eDircert .pem) of the target server or 
the server certificate (/etc/ssl/servercerts/servercert .pem). If neither of them exists, the 
migration creates a certificate with default parameters. The admin can replace this by creating a 
new certficate using the steps listed in “Create Certificate Procedure” (http:// 
download. pureftpd.org/pub/pure-ftpd/doc/README.TLS). 


* The ForcePassivelP field in NetWare when left blank or set as 0.0.0.0 indicates none specified. 
However, on Linux, it is interpreted as is and therefore can lead to the server binding to an invalid 
IP address, resulting in loss of functionality. The migration script is updated to ignore IP 0.0.0.0, 
and creates .bak file to preserve the original linux conf file for administrative reference. 


Migrating FTP to OES 11 SP3 


This section describes how to migrate FTP from an OES 2 SP3 or OES 11 environment to OES 11 
SP3. 


Before you proceed with the migration, review Section 25.2.1, "Prerequisites," on page 204. In this 
section, the source server refers to an OES 2 SP3 or OES 11 server and the target server refers to an 
OES 11 SP3 server. 


* Section 25.2.1, "Prerequisites," on page 204 
* Section 25.2.2, "What Is Migrated," on page 204 
* Section 25.2.3, "Migration Procedure," on page 204 


Prerequisites 


* Ensure that the OES 11 server is already installed along with the Novell FTP pattern on the 
target server. For more information, see "Installing Pure-FTPd" in the OES 11 SP3: Planning and 
Implementation Guide. 


What Is Migrated 


* Configuration file and script 
Migration Procedure 


Same Tree Migrations with Identity Transfer 
Perform the following procedures on the target server: 


1 Copy the /etc/pure-ftpd/pure-ftpd.conf file from the source server. 
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NOTE: If the migration is being performed on a cluster setup, copy the pure-ftpd. conf file on 
the shared volume of the cluster. 


2 Run the /opt/novell/pure-ftpd/novell-pure-ftpd-config.sh script. This will update the 
pure-ftpd.conf file with the new parameters added in OES 11 SP3. 


3 Remove the LD PRELOAD statement from the /etc/init.d/pure-ftpdá file, if present. 
4 Restart pure-ftpd using the rcpure-ftpd restart command. 


Same Tree Migrations without Identity Transfer 


1 Execute steps Step 1 to Step 3 in the previous section. 


2 Update the IP address of the target server for ForcePassivelP and Bind parameters in the pure- 
ftpd.conf file. 


3 Update DefaultHomeDirectoryServer if it refers to the IP of the source server. 
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26.1 


Migrating iFolder to OES 11 SP3 


This section describes the procedures to migrate iFolder to OES 11 SP3. 


* Section 26.1, "Novell iFolder Upgrade, Migration, and Coexistence,” on page 207 
* Section 26.2, “Migrating iFolder to OES 11 SP3,” on page 220 


Novell iFolder Upgrade, Migration, and 
Coexistence 


This section provides information about the migration and upgrade capabilities of iFolder 3.9. It also 
discusses how to use the Novell Migration Tool to introduce the iFolder 3.9 services into an existing 
network environment without disrupting existing Novell iFolder 2.x and iFolder 3.x services. 


One of the top priorities in designing Novell iFolder 3.7 and later was to ensure that new iFolder 
services running on Novell Open Enterprise Server (OES) 2 or later can bridge the gap between the 
Novell iFolder 2.x services and the iFolder 3.2 services that are currently running on OES 1. 


Migration: Migration is the process of moving from, 


* iFolder 3.2 on OES 1 Linux 
* iFolder 2.x on OES 1 Linux 


* iFolder 2.x on NetWare 
to iFolder 3.9.1 on OES 11 SP3. 


Upgrade: Upgrade is the process of changing to a new version of iFolder on the same platform, such 
as from, 

* iFolder 3.2 on OES 1 Linux 

* iFolder 3.4 on OES 1 Linux 

* iFolder 3.6 on OES2 


to iFolder 3.9.1 on OES 11 SP3. 


* Section 26.1.1, "Migrating iFolder 2.x," on page 208 

* Section 26.1.2, "Migrating iFolder 3.2," on page 213 

* Section 26.1.3, "Upgrading iFolder 3.x," on page 217 

* Section 26.1.4, "Upgrading iFolder 3.6," on page 219 

¢ Section 26.1.5, “Coexistence of iFolder 3.9 and iFolder 2.x Servers,” on page 219 


* Section 26.1.6, "Coexistence of the iFolder 3.9 Client with Novell iFolder 1.x and 2.x Clients," on 
page 219 
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26.1.1 


Migrating iFolder 2.x 


You can move iFolders and user data from an iFolder 2.x domain to iFolder 3.9. In the following 
sections, the iFolder 2.x server is referred to as the source server and the iFolder 3.9 server as the 
target server. 


IMPORTANT: You cannot migrate encrypted iFolders. Use the client-side migration wizard to migrate 
the encrypted iFolders. For more information about the client-side migration, see Novell iFolder 
Migration and Upgrade (https://www.novell.com/documentation/ifolder3/ifolder39 user/data/ 
coexistmig.html) in the Novell iFolder 3.9 Cross-Platform User Guide (http://www.novell.com/ 
documentation/ifolder3/ifolder39 user/?page-/documentation/ifolder3/ifolder39 user/data/ 
bookinfo.html). 


* "Server Migration" on page 208 


* "Client Migration" on page 213 


Server Migration 


¢ "Supported Platforms” on page 208 

* "Prerequisites" on page 208 

* "Planning" on page 209 

* "Migration Scenarios" on page 209 

* "iFolder Migration Procedure" on page 210 
* "Using the Migration Tool GUI" on page 210 
* "Using Command Line Utilities" on page 211 
* "Multi-Server Migration" on page 211 

* "What to Expect" on page 212 

* "Verifying the Migration" on page 212 

* "Post-Migration Procedures" on page 212 


Supported Platforms 


Table 26-1 Supported Platforms 


Source Platform Destination Platform 
NetWare 6.5 SP8 OES 11 SP3 
OES 2 SP3 or OES 11 OES 11 SP3 


Prerequisites 
C] You must perform the File System Migration for the source data path. 


For more information, see Appendix 16.4, "Migrating the File System Using the Migration GUI," 
on page 103. 


O Ensure that the iFolder 3.9 servers, the iFolder 3.9 Web Access server, and the eDirectory 
services are up and running. 
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The iFolder 3.9 Web Access server and the Web Admin server should be running on the target 
server. 


C] Ensure that the user objects are available in eDirectory and are accessible from the target 
server. 


Planning 


* Novell iFolder Server: Novell iFolder 3.9 has the capacity to manage 1000 connected users 
simultaneously on a single server. This can vary based on the server hardware and network 
capabilities. If there are more than 1000 users, you can use a multi-server setup. For more 
information, see Deploying iFolder Server (https://www.novell.com/documentation/ifolder3/ 
ifolder39 admin/data/bk60n10.html) in the Novell iFolder 3.9 Administration Guide (http:// 
www.novell.com/documentation/ifolder3/ifolder39_admin/?page=/documentation/ifolder3/ 
ifolder39_admin/data/front.html). 


* Web Access Server: The Novell iFolder 3.9 Web Access console for end users must run on the 
target server. 


* Web Admin Server: The Novell iFolder 3.9 Web Admin console for end users must run on the 
target server. Ensure that the policies for disk quota, iFolder limit, and file filter are set at the 
system level, because these policies affect the storage availability on the server. For more 
information about policies, see Configuring System Policies (https://www.novell.com/ 
documentation/ifolder3/ifolder39 admin/data/b9jabz2.htmlzb9jafmz) in the Novell iFolder 3.9 
Administration Guide (http://www.novell.com/documentation/ifolder3/ifolder39 admin/?page-/ 
documentation/ifolder3/ifolder39 admin/data/front.html). 


* Multi-Server Setup: If you have a predefined choice of servers for a set of users or LDAP 
Groups, you must provision them and set the policies by using the iFolder 3.9 Web Admin 
console. If the users are not provisioned and no policies are set, the iFolder 3.9 server uses the 
round-robin provisioning method to provision the users. Novell iFolder 3.9 has its own LDAP 
attribute for provisioning users; it does not use the iFolder 2.x LDAP attribute for provisioning. 
You can use the iFolder 3.9 LDAP attribute for selective provisioning and use the Web Admin 
console for manual provisioning of users and groups. 


Migration Scenarios 


The following scenarios are supported for migrating Novell iFolder Services. (For general explanation 
of the scenarios supported in OES 11, see Section 1.3, "Migration Scenarios," on page 16.) 


* Transfer ID: In this scenario, the target server is installed into the same eDirectory tree as the 
source server, with a temporary hostname and IP address. The iFolder 2.x data is copied to the 
target machine to perform the basic operations, while the original copy is operational in the 
source machine until the move completes. When the move completes, the source and target 
servers swap and all the iFolder 2.x data on the source server is available on the target server. 
The target server functions with the same credentials (such as IP address and hostname) as the 
source server and the source server node is no longer available in the eDirectory tree. 


IMPORTANT: In a NetWare to OES 11 Transfer ID scenario, ensure that the target server is 
installed in the same context as the source server. 


* Migrate: In this scenario, you can copy the iFolder data from any number of existing source 
servers to a target server. The source server must be running NetWare 6.5 SP8, OES 2 SP1, 
OES 2 SP2, or OES 11. The target server must be running on OES 11 SP3 on 64-bit hardware. 
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In the Transfer ID scenario, only the Same Tree migration is applicable. In the Migrate scenario, both 
the Same Tree and Different Tree migration are possible. 


* Same Tree: In the Same Tree migration, the source and target server are on the same 
eDirectory tree. The source server must be running NetWare 6.5 SP8, OES 2 SP3, or OES 11. 
The target server must be running on OES 11 SP3 on 64-bit hardware. 


* Different Tree: In the Different Tree migration, the source server and the target server are on 
different eDirectory trees. The source server must be running NetWare 6.5 SP8, OES 2 SP3, or 
OES 11. The target server must be running SUSE Linux Enterprise Server 11 SPA with OES 11 
SP3 on 64-bit hardware. 


iFolder Migration Procedure 


* "Using the Migration Tool GUI" on page 210 
* "Using Command Line Utilities" on page 211 


Using the Migration Tool GUI 


1 Install, configure, and run iFolder 3.9 on the target server. 

2 Open the Migration Tool GUI. 
Desktop: Select Computer > More Applications > System > Novell Migration Tools. 
Terminal: Log in as the root user and at a terminal prompt, enter miggui. 


3 Authenticate to the source and target servers. All the associated services are listed in the 
Services panel. 


4 Select Novell iFolder, then click Configure. The iFolder configuration window displays. 


IMPORTANT: Ensure that you migrate the iFolder 2.x file system data by using the file system 
migration tools. For more information, see Appendix 16.4, "Migrating the File System Using the 
Migration GUI," on page 103. 


The default data path for iFolder 2.x is /var/opt/novell/«ifolderdata» for OES 1 Linux. For 
NetWare, the data path is configurable. 


5 Fill in the following fields: 


Parameter Description 


2.x Migration Select this option if you want to migrate the iFolder 
2.x application to iFolder 3.9 on OES 11 SP3. 


iFolder Data Path: Specify the path where the 
iFolder 2.x system data is migrated to on the target 
server. This is the location on the iFolder target 
server where iFolder application files and the users' 
iFolders and files are migrated to. The path is case- 
sensitive. 


iFolder 3.9 Admin Name Specify the user name of the iFolder 3.9 
administrator. 


iFolder 3.9 Admin Password Specify the iFolder 3.9 admin password. 
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Parameter 


Partial Migration 


Description 


Select this option if you want to perform a partial 
migration that allows you to migrate a selected set 
of users to an iFolder 3.9 domain. You can perform 
partial migration either by using a user list file or by 
browsing and selecting users from an eDirectory 
tree. 


User List File: Specify the location of the user list 
file. This file is a text file that contains the list of user 
DNs for all the users selected for migration. Ensure 
that each user DN starts in a new line. 


Select LDAP Users: Browse the eDirectory tree 
and select the users for migration. 


6 Click OK to configure iFolder for migration. 


7 In the main window, you can either configure other services or click Migrate to start the migration 


process. 


The Migration Tool takes care of the order in which each service migrates. Therefore, iFolder 
migration initiates only after file system migration completes. 


Using Command Line Utilities 


To run the Novell iFolder migration utility through the command line, run /opt/novell/migration/ 
sbin/migif2 --option value With the following details: 


Table 26-2 Command Line Options 


Option 


--precheck 


--2xdatapath 


--serveripaddress 
--adminname 
--password 
--workarea 


--userlist 


--sync 


Multi-Server Migration 


Description 


(Optional) Checks whether migration is possible with the given 
parameters. 


Specifies the path where the iFolder system data is stored. This is the 
location where the iFolder source server stores iFolder application files 
and the users’ iFolders and files. The path is case sensitive. 


Specifies the IP address of the iFolder 3.9 server. 

Specifies the user name of the iFolder 3.9 administrator. 
Specifies the password for the iFolder 3.9 administrator. 
(Optional) Specifies the location for the temporary migration files. 


(Optional) Specifies a text file that contains the list of users for migration. 
If you don't specify this, a complete migration is performed. 


(Optional) Performs the sync operation during migration for any changes 
made on the source server. 


To migrate user data to the master server, all the iFolder 3.9 servers must be up and running. The 
master server automatically provisions the home servers for each migrated user. Depending on the 
user provisioning priority you have set, each user is provisioned in the appropriate iFolder 3.9 server. 
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If you want to move each user from a single iFolder 2.x server to different iFolder 3.9 servers or from 
many iFolder 2.x servers to a single iFolder 3.9 server, you must set the provisioning with the iFolder 
3.9 Web Admin console. By default, the round-robin provisioning method is used. For more 
information about using the Web Admin console, see the following sections in the Novell iFolder 3.9 
Administration Guide (http://www.novell.com/documentation/ifolder3/ifolder39_admin/?page=/ 
documentation/ifolder3/ifolder39 admin/data/front.html)Novell iFolder 3.9.2 Administration Guide. 


* Managing iFolder Services via Web Admin 
* Managing iFolders 


* Managing iFolder Users 


What to Expect 


* The iFolder 2.x user data format is converted to that of iFolder 3.9. The flat directory structure of 
the iFolder 2.x data is changed to the hierarchical structure of the iFolder 3.9 client. 


NOTE: The 2.x configuration is not migrated. 


* The 2.x encrypted iFolders are not migrated. This is because the passphrase for each user is not 
known to the administrator. Each user is expected to do a client-side migration. 


* |f the user list is provided, only those users specified in the user list are migrated. 


* Inthe Transfer ID scenario, iFolder 3.9 updates the configuration files with the new server IP 
address after the migration is completed. 


Verifying the Migration 


You can find the migration logs at /var/opt/novell/log/ifolder/checkpoint.1log. The 
checkpoint.log contains the status of the iFolder 2.x migration. 


Post-Migration Procedures 


Post-migration configuration: No additional configuration is required because only data is migrated 
and no policies are migrated from iFolder 2.x to iFolder 3.9. You must set the policies again for each 
user by using the Web Admin console; this is because the iFolder 2.x policies are not compatible with 
iFolder 3.9. 


For more information about using the Web Admin console, see the following chapters in the Novell 
iFolder 3.9 Administration Guide (http://www.novell.com/documentation/ifolder3/ifolder39 admin/ 
?page-/documentation/ifolder3/ifolder39 admin/data/front.html). 


* Managing iFolder Services via Web Admin 
* Managing iFolders 


* Managing iFolder Users 


Merge: Users can have a local copy of the 2.x iFolders that are already migrated to the server. When 
they connect the iFolder 3.9 client to the iFolder 3.9 server, the migrated iFolders are also available 
for download. Instead of downloading them and having a different copy on the same machine, they 
can simply merge the iFolders on the local machine to the migrated iFolders on the server. This also 
reduces the data transfer traffic and effort. For more information about the merge functionality 
provided in the client, see Merging iFolders in the Novell iFolder 3.9 Administration Guide (http:// 
www.novell.com/documentation/ifolder3/ifolder39 admin/?page-/documentation/ifolder3/ 

ifolder39 admin/data/front.html). 
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Client Migration 


There is an automatic client-side migration from Novell iFolder 2.x to iFolder 3.9. The Migration 
Wizard provided for the user in the iFolder 3.9 client migrates the existing 2.x iFolder data to the 
iFolder 3.9 domain. The Migration Wizard appears soon after the installation of the iFolder 3.9 client 
and displays a message about the existence of previous version data and a request for a migration. 
This Wizard is also available on the Preferences menu so that it can be invoked at any time after 
installation. 


IMPORTANT: The Novell iFolder 2.x client and the iFolder 3.9 client can run independently and 
concurrently on the same user machine. They are separate applications and should not be installed in 
the same directory. However, if you migrate the 2.x data to 3.9, you must remove the 2.x client when 
the client-side migration is complete. 


Preparing for Migration 


* The user must have both an iFolder 2.x account and a corresponding iFolder 3.9 account. 


* The user must use only the Migration Wizard available in the iFolder client to migrate an existing 
2.x iFolder to a 3.9 iFolder. The user should not perform an iFolder 2.x to 3.9 conversion by any 
other means, such as using iFolder shell integration (Windows Explorer or Nautilus) or the 
iFolder 3.9 client upload mechanism from the thick client. 


+ |f the user selects to make a copy of the iFolder 2.x data and move it to the iFolder 3.9 domain, 
ensure that you allocate sufficient space (at least 10 MB larger than the size of the iFolder 2.x 
data) on the hard disk (user's Home directory for Linux and user's Application Data directory for 
Windows) before performing the migration. The additional space is used to store the iFolder 
database. 


In this case, the user must log out of the 2.x client before performing the migration to avoid 
synchronization issues and related possible data corruption. 


+ |f the user selects to migrate the iFolder and disconnect it from 2.x domain, the folder is not 
accessible through the 2.x account after the migration, because it is completely moved to the 3.9 
domain and 2.x registry entries are removed in the client. It is possible that the same 2.x iFolder 
is available on another user desktop. If so, make sure that it is manually removed to avoid data 
inconsistency, because it is not under the control of iFolder 3.9 domain. 

Migrating iFolder 3.2 
You can move iFolders and the user data from an iFolder 3.2 domain to an iFolder 3.9 domain. In the 


following sections, the iFolder 3.2 server is referred to as the source server and the iFolder 3.9 server 
as the target server. 


Supported Platforms 
Table 26-3 Supported Platforms 


Source Platform Target Platform 


OES 2 SP1, OES 2 SP3, or OES 11 OES 11 SP3 


Migrating iFolder to OES 11 SP3 213 


Prerequisites 


Before proceeding with the migration, see "Prerequisites" on page 208. 


Planning 


* Novell iFolder Server: Novell iFolder 3.9 has the capacity to manage 1000 connected users 
simultaneously in a single server. This can vary based on the server hardware and network 
capabilities. If there are more than 1000 users, you can use a multi-server setup. For more 
information, see Deploying iFolder Server (https://www.novell.com/documentation/ifolder3/ 
ifolder39 admin/data/bk60n10.html) in the Novell iFolder 3.9 Administration Guide (http:// 
www.novell.com/documentation/ifolder3/ifolder39 admin/?page-/documentation/ifolder3/ 
ifolder39 admin/data/front.html). 


* Web Access Server: The Novell iFolder 3.9 Web Access console for end users is running on 
the target server. 


* Web Admin Server: The Novell iFolder 3.9 Web Admin console is running on the target server. 
Ensure that the policies for disk quota, iFolder limit, and file filter are set at the system level, 
because these policies affect the storage availability in the server. For more information about 
policies, see Configuring System Policies (https://www.novell.com/documentation/ifolder3/ 
ifolder39_admin/data/b9jabz2.html#b9jafmz) in the Novell iFolder 3.9 Administration Guide 
(http://www. novell.com/documentation/ifolder3/ifolder39_admin/?page=/documentation/ifolder3/ 
ifolder39_admin/data/front. html). 


* Multi-Server Setup: If you have a predefined choice of servers for a set of users or LDAP 
Groups, you must provision them, and set the policies by using the iFolder 3.9 Web Admin 
console. If the users are not provisioned and no policies are set, the iFolder 3.9 server uses the 
round-robin provisioning method to provision the users. Novell iFolder 3.9 has its own LDAP 
attribute for provisioning users; it does not use the iFolder 3.x LDAP attribute for provisioning. 
You can use iFolder 3.9 LDAP attribute for selective provisioning and use the Web Admin 
console for manual provisioning of users and groups. 


Migration Scenarios 


The following scenarios are supported for migrating Novell iFolder Services. (For a general 
explanation of the scenarios supported in OES 11 SP3, see Section 1.3, "Migration Scenarios," on 
page 16). 


* Transfer ID: In this scenario, the target server is installed into the same eDirectory tree as the 
Source server, with a temporary hostname and IP address.The iFolder 3.2 data is copied to the 
target machine to perform the basic operations, while the original copy is operational in the 
source machine until the move completes and all of the iFolder 3.2 data on the source server is 
available on the target server. The target server functions with the same credentials (such as IP 
address and hostname) as the source server and the source server node is no longer available 
in the eDirectory tree. 


* Migrate: In this scenario, you can copy the iFolder data from any number of existing source 
servers to a target server. The source server must be running OES 2 SP3 or OES 11. The target 
server must be running on OES 11 SP3 on 64-bit hardware. 


In the Transfer ID scenario, only the Same Tree migration is applicable. In the Migrate scenario, both 
the Same Tree and Different Tree migration are possible. 


* Same Tree: In this scenario, the source server and target server are on the same eDirectory 
tree. The source server must be running OES 2 SP3 or OES 11. The target server must be 
running on OES 11 SP3. 
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* Different Tree: In this scenario, the source server and the target server are on different 
eDirectory trees. The source server must be running OES 2 SP3 or OES 11. The target server 
must be running on OES 11 SP3. 


iFolder Migration Process 


You can perform the migration through either the Migration Tool GUI or the command line. 


* "Using the Migration Tool GUI" on page 215 
* "Using Command Line Utilities" on page 216 


Using the Migration Tool GUI 


1 Install, configure, and run iFolder 3.9 on the target server. 


2 Copy the simias.config file from the source server to the location /var/1ib/wwwrun/.local/ 
share/simias in the target server. 


3 Open the Migration Tool GUI. 
Desktop: Select Computer » More Applications » System » Novell Migration Tools. 
Terminal: Log in as the root user and at a terminal prompt, enter miggui. 


4 Authenticate to the source and target servers. All the associated services are listed in the 
Services panel. 


5 You must configure the file system before configuring the iFolder 3.2 service. To configure NSS 
or NCP volumes, select File System, then click Configure. For any other file system, perform the 
migration using Command Line Utilities. For more information about configuring the file system, 
see Section 16.6, "Migrating the File System Using Command Line Utilities," on page 110. 


6 Select Novell iFolder, then click Configure. The iFolder configuration window displays. 


IMPORTANT: Ensure that you migrate the iFolder 3.2 file system data by using the file system 
migration tools. For more information, see Appendix 16.4, "Migrating the File System Using the 
Migration GUI," on page 103. 


The default data path for iFolder is /var/1ib/wwwrun/simias for Linux. 


7 Fill in the following fields: 


Parameter Description 


3.2 Migration Select this option if you want to migrate the iFolder 3.2 application 
to iFolder 3.9 on OES 11 SP3. 


iFolder 3.2 Data Path: Specify the path where the iFolder 3.2 
system data is migrated to on the target server. This is the location 
on the iFolder target server to which iFolder application files and the 
users' iFolders and files are migrated. The path is case-sensitive. 


iFolder 3.2 Admin Name Specify the user name of the iFolder 3.2 administrator. This is the 
fully distinguished name of the iFolder admin user. For example: 
cn-admin,o-acme. 


iFolder 3.2 Admin Password Specify the iFolder 3.2 admin password. 


iFolder 3.9 Admin Name Specify the user name of the iFolder 3.9 administrator. For 
example: admin. 


iFolder 3.9 Admin Password Specify the iFolder 3.9 admin password. 
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Parameter 


Partial Migration 


Description 


Select this option if you want to perform a partial migration, which 
allows you to select a set of users and migrate them to an iFolder 
3.9 domain. 


User List File: Specify the location of the user list file. This file is a 
text file that contains the list of user DNs for all the users selected 
for migration. Ensure that each user DN starts in a new line. 


Select LDAP Users: Browse the eDirectory tree and select the 
users for migration. 


8 Click OK to configure iFolder for migration. 


9 In the main window, you can either configure other services or click Migrate to start the migration 


process. 


The Migration Tool takes care of the order in which each service migrates. Therefore, the iFolder 
migration initiates only after file system migration is completed. 


Using Command Line Utilities 


To run the Novell iFolder migration utility through the command line, run /opt/novell/migration/ 
sbin/migif3 --option-value With the following details: 


Option 


--precheck 


--oldadminname 
--newadminname 
--oldadminpassword 
--previousserverurl 
--newserverurl 
--workarea 


--userlist 


--sync 


What to Expect 


Description 


(Optional) Checks whether migration is possible with the given 
parameters. 


Specifies the user name of the iFolder 3.2 administrator. 
Specifies the user name of the iFolder 3.9 administrator. 
Specifies the iFolder 3.2 admin password. 

Specifies the IP address of the iFolder 3.2 server. 

Specifies the IP address of the iFolder 3.9 server. 

(Optional) Specifies the location for the temporary migration files. 


(Optional) Specifies a text file that contains the list of users for migration. 
If you don’t specify this, a complete migration is performed. 


(Optional) Performs the sync operation during migration for any changes 
made on the source server. 


* The user data (iFolders) is migrated. 


+ |f the user list is provided, only those users specified in the user list are migrated. 


* Inthe Transfer ID scenario, the iFolder 3.9 updates the configuration files with the new server IP 
address after the migration is completed. 
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26.1.3 


Upgrading iFolder 3.x 


You can upgrade iFolder 3.x on OES 2 SP3 or OES 11 to iFolder 3.9 on OES 11 SP3. This is a 
single-server scenario, where the source and target servers reside on the same machine. 


* "Server Upgrade" on page 217 
* "Client Upgrade" on page 218 


Server Upgrade 


Ensure that the server-side data is backed up before you perform the upgrade. 


You must use the YaST-based Novell iFolder configuration for the in-place upgrade. A YaST upgrade 
of OES 2 SP3 or OES 11 to OES 11 SP3 upgrades the configuration values of the iFolder enterprise 
server from the 3.x iFolder server to the 3.9 iFolder server. 


For details on YaST-based configuration, see Deploying iFolder Server (https://www.novell.com/ 
documentation/ifolder3/ifolder39 admin/data/bk60n10.html) in the Novell iFolder 3.9 Administration 
Guide (http://www.novell.com/documentation/ifolder3/ifolder39 admin/?page-/documentation/ 
ifolder3/ifolder39 admin/data/front.html). 


1 Install OES 11 by using YaST. For more information, see Installing iFolder on an Existing OES 11 
Server SP3 in the Novell iFolder 3.9 Administration Guide (http:/Awww.novell.com/ 
documentation/ifolder3/ifolder39 admin/?page-/documentation/ifolder3/ifolder39 admin/data/ 
front.html). 


2 Select Use Following Configuration, then click Novell iFolder to change the default configuration 
settings for iFolder. 


Or 
If you decide to use default settings, click Next to start Novell iFolder 3 configuration. 


For security reasons, it is recommended that you always change the default iFolder 
configuration settings. 


3 Follow the YaST on-screen instructions to proceed through the Novell iFolder 3.9 configuration. 
The table in the Configuring the iFolder Enterprise Server (https://www.novell.com/ 
documentation/ifolder3/ifolder39_admin/data/bk60n10.html#bk60nye) in the Novell iFolder 3.9 


Administration Guide (http://www.novell.com/documentation/ifolder3/ifolder39 admin/?page-/ 
documentation/ifolder3/ifolder39 admin/data/front.html) summarizes the decisions you make. 


NOTE: In an upgrade scenario, the following fields in the YaST UI for iFolder are disabled, so 
you don't need to specify them. 


* Path to the Server Data files 

* Install into Existing iFolder Domain 

* Private URL of Master server 

* Directory Server Address 

* iFolder Admin Password 

* Verify iFolder Admin password 

* LDAP Search Contexts 

* LDAP Naming Attribute 

* Require a secure connection between the LDAP server and the iFolder server 
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If you have upgraded an iFolder server to OES 11 in a cluster setup, the move to common proxy 
using the move to common proxy.sh script fails. This is because during the upgrade, the cluster 
volumes are not mounted. After the upgrade successfully completes, use the following command on 
the node where the iFolder cluster is running: 


/opt/novell/ifolder3/bin/ifolder mono setup 


This will update the Simias.config file with the necessary configuration information required for the 
common proxy framework. In non-cluster setups, this runs automatically as part of the post-install 
script. 


Client Upgrade 


* "Understanding the Upgrade Process" on page 218 
* "Preparing for the Upgrade" on page 218 
* "Upgrade Procedure for the User" on page 218 


Understanding the Upgrade Process 


With the client upgrade, binaries are upgraded with the new version of binaries and the client data is 
auto-upgraded. 


Preparing for the Upgrade 


Make sure that you perform the following server-side operations so that the user is notified of the new 
version of the iFolder client and prompted to accept the client upgrade. 


IMPORTANT: Ensure that the user backs up the Simias store before upgrading the client. 


1 Enter http: NN IP address of iFolder server inthe browser to go to the OES 11 SP3 home 
page. 

2 Download the client RPMs or executables from the OES 11 SP3 home page. 

3 Place the RPMs under the respective platform directories in the path 
ifolder installDirectory/lib/simias/web/update/unix 


The latest client RPMs are installed only if they are present in the given path. The automatic 
installation happens when the user attempts to connect the 3.x or 3.4.1 client to the iFolder 3.9 
server. The names of the platform-specific directories are in the version.config file in the same 
path. A script file named install-ifolder.shin the unix directory contains the commands for 
upgrading the RPMs to the latest version. 


Examples for install-ifolder3.sh are as follows: 
rpm -Uvh «absolute path of simias rpm» 


rpm -Uvh «absolute path of ifolder rpm> 
rpm -Uvh «absolute path of nautilus-ifolder3 rpm» 


4 Modify version.config to include entries for the directory where in the RPMs or the 
executables are placed. 


Upgrade Procedure for the User 


1 Connect the existing client to the server. 
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The client automatically prompts the user to accept the client upgrade when he or she attempts 
to connect an iFolder 3.x or 3.4 1 client to a 3.9 server. For more information, see Automatically 
Upgrading to iFolder 3.9.2 client on Linux (https://www.novell.com/documentation/ifolder3/ 
ifolder39_user/data/bctryt7.html#bctryt8) in the Novell iFolder 3.9 Cross-Platform User Guide 
(http://www. novell.com/documentation/ifolder3/ifolder39_user/?page=/documentation/ifolder3/ 
ifolder39 user/data/bookinfo.html). 


For instructions on performing a manual upgrade, see Manually Upgrading to iFolder 3.9.2 client 
on Linux (https://www.novell.com/documentation/ifolder3/ifolder39 user/data/ 
bctryt7.html#bbjsOlm) in the Novell iFolder 3.9 Cross-Platform User Guide (http:// 
www.novell.com/documentation/ifolder3/ifolder39_user/?page=/documentation/ifolder3/ 
ifolder39 user/data/bookinfo.html). 


26.14 Upgrading iFolder 3.6 


26.1.5 


26.1.6 


1 On the OES 11 client Downloads page, click the iFolder client for Linux link to download the 
RPMs as desired. 


For more information, see Deploying iFolder Server (https://www.novell.com/documentation/ 
ifolder3/ifolder39 admin/data/bk60n10.html) in the Novell iFolder 3.9 Administration Guide 
(http://www.novell.com/documentation/ifolder3/ifolder39_admin/?page=/documentation/ifolder3/ 
ifolder39_admin/data/front.html). 


2 Follow the on-screen prompts to download the files to a directory on your machine. 
3 Enter cd <location where you have downloaded the files>. 


4 Run rpm -Uvh *.rpmto upgrade to iFolder 3.9. 


Coexistence of iFolder 3.9 and iFolder 2.x Servers 


If you use both iFolder 2.x and Novell iFolder 3.9 services, we recommend that you install each 
version on its own dedicated server. OES 11do not support iFolder 2.x service. 


Coexistence of the iFolder 3.9 Client with Novell iFolder 1.x 
and 2.x Clients 


Do not install the iFolder 3.9 client in the same application folder as a Novell iFolder 1.x or 2.x client. 


The iFolder 3.9 client can coexist on the same workstation as the Novell iFolder 1.x client or 2.x client, 
with the following caveats: 


* The iFolder 3.9 client and its iFolders work only with the Novell iFolder 3.9 enterprise server. 


* The Novell iFolder 1.x or 2.x client and its iFolders on the workstation continue to work only with 
the assigned Novell iFolder server of the same release. 


* The single iFolder created with the iFolder 1.x or 2.x client can coexist with the multiple iFolders 
created with the iFolder 3.9 client. The iFolders function independently on the workstation; they 
do not exchange information or data. However, you can manually transfer local data between old 
and new iFolder folders. 


* You should not attempt to convert the Novell iFolder 1.x or 2.x folder to an iFolder to be managed 
by Novell iFolder 3.9 by any other means other than using the Migration Tool. Similarly, you 
should not convert parent folders of that iFolder to a next-generation iFolder. 
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26.2 


26.2.1 


26.2.2 


For example, if abc is the parent directory of the xyz directory, you should not attempt to migrate 
abc to iFolder 3.9 while xyz still remains an iFolder of type 2.x or 1.x. In addition, you should not 
attempt to migrate xyz to iFolder 3.9 while abc still belongs to a 2.x or 1.x domain. 


If the folder is no longer used by a prior version of the Novell iFolder client, such as after you 
uninstall the old client from the workstation, you can convert the folder or its parent folders to a 
next-generation iFolder. 


Migrating iFolder to OES 11 SP3 


This section provides information on how to migrate iFolder running on OES 2 SP3 (32-bit) to OES 11 
SP3. The OES2 SP3 or OES 11 server is referred to as the source server and the OES 11 SP3 server 
as the target server. 


Prerequisites 


* iFolder is installed and configured on an OES 2 SP3 32-bit machine. 
* iFolder is installed and configured on the target machine. 
* Perform the File System Migration for the source simias data path. 


For more information, see Appendix 16.4, "Migrating the File System Using the Migration GUI," 
on page 103. 


Transfer ID - Same Tree 


In this scenario, the target server is installed in the same tree as the source server. After successful 
completion of Transfer ID, the target server functions with the same credentials (such as IP address 
and hostname) as the source server and source server node is no longer available in the network. 


What Is Migrated 


The following data is migrated from the source server to the target server: 


* The simias data store path 
* The configuration files 


* Proxy user (migrates along with simias and configuration files) 


Migration Procedure 


1 Install OES 11 by using YaST on the target server. For more information, see Installing iFolder on 
an Existing OES 11 Server (https://www.novell.com/documentation/ifolder3/ifolder39 admin/ 
data/bwmvr20.html) in the Novell iFolder 3.9 Administration Guide (http://www.novell.com/ 
documentation/ifolder3/ifolder39 admin/?page-/documentation/ifolder3/ifolder39 admin/data/ 
front.html). 


2 Stop apache from source server using the following command: rcapache2 stop. 
3 Configure iFolder on the target server with the same values as the source server. 


For more information, see Novell iFolder 3.9 Administration Guide (http://www.novell.com/ 
documentation/ifolder3/ifolder39 admin/?page-/documentation/ifolder3/ifolder39 admin/data/ 
front.html). 


4 Stop Apache on the target server using the following command: rcapache2 stop. 


220 OES 11 SP3: Migration Tool Administration Guide 


5 Migrate the simias data store path from the source server to the target server in the same 
volume and directory structure. For more information, see Appendix 16.4, "Migrating the File 
System Using the Migration GUI," on page 103. 


6 Start Apache on the target server using the following command: rcapache2 restart. 


Post Migration 


After migrating iFolder, 


* Verify that admin and web access pages are accessible with the same details. 
* Ensure that all clients are able to connect to the server without issues. 


* Verify that the ownership of the ifolder data source is wwwrun:www 
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27.1 


27.1.1 


Migrating iPrint to OES 11 SP3 


Migration refers to the process of migrating iPrint from a NetWare system to a Linux system. For 
general information about the OES 11 SP3 Migration Tool, see Chapter 1, “Overview of the Migration 
Tools,” on page 15. 


The following sections give more details on the migration procedure for iPrint: 


* 


* 


* 


* 


* 


Section 27.1, "Prerequisites," on page 223 

Section 27.2, "Supported Migration Scenarios," on page 225 
Section 27.3, "What Is Migrated," on page 225 

Section 27.4, "Migration Procedure," on page 225 

Section 27.5, "Migrating an iPrint Cluster Resource," on page 234 
Section 27.6, "Migrating ZENworks iPrint Policies," on page 235 
Section 27.7, "Verifying Migration," on page 238 

Section 27.8, "Cleaning Up Stale Objects," on page 238 

Section 27.9, "Troubleshooting iPrint Migration," on page 239 
Section 27.10, "iPrintmig Man Page,” on page 245 


Prerequisites 


This section covers the migration prerequisites for all the migration scenarios supported by iPrint. 


* 


* 


Section 27.1.1, "Platform Specifications," on page 223 
Section 27.1.2, "General Prerequisites," on page 224 


Platform Specifications 


* 


* 


"Source Server Requirements" on page 223 


"Target Server Requirements" on page 224 


Source Server Requirements 


* 


NetWare 6.5, Open Enterprise Server (OES) 1 Linux 
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IMPORTANT: If your source server is OES 1 Linux, ensure that you update the server with the 
novell-iprint-server-5.1.20080415-1.1586.rpm patch. If your source server is NetWare 
6.5 SP 6, apply the nwe5sp7b patch. After applying the patch, do the following: 


1. Restart the active Print Manager. 


2. Start the web browser and open 
https://OES1 IPADDRESS/PsmStatus/Misc?backupDB-true. 
If the Database XML File field does not display the padbtxt.xml file, click Backup 
Database to regenerate the padbtxt .xml1 file. 


OES 2 SP2 
OES 2 SP3 
OES 11 
OES 11 SP1 
OES 11 SP2 
OES 11 SP3 


Target Server Requirements 


* 


OES 11 SP3 server with iPrint installed, and with Print Manager and the Driver Store configured. 
For more information, see "Installing and Setting Up iPrint on Your Server" "Creating a Print 
Manager," and "Creating a Driver Store" in the OES 11 SP3: iPrint Linux Administration Guide 
(https://www.novell.com/documentation/oes11/iprint Ix/data/front.html). 


IMPORTANT: If your target server is in a non-replica eDirectory tree, both the target Driver Store 
and Print Manager must be active for the migration to be successful. Configure SLP to make 
them active. For more information about SLP configuration, see "Configuration Parameters" in 
the NetIQ eDirectory 8.8 SP8 Administration Guide. 
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Before starting the migration, ensure that the source and target Print Managers are running. If 
you are using command line tools for migration, ensure that the source Print Managers are 
running. 


When you upgrade to OES, ensure that you migrate NDPS to iPrint. NDPS is not supported on 
OES Linux. 


Ensure that the file containing the printers to be migrated does not contains extra spaces or 
characters. For troubleshooting extra spaces, see "Printers are not migrating with the -f option" 
on page 241. 


Ensure that the driver paths are correct and accessible. For troubleshooting a bad driver 
assignment, see "Invalid driver path assignments" on page 241. 


Ensure that you retain the Print Agent redirection on the source servers. 


* For NetWare source servers, follow the instructions in "Setting Up DNS for the Print 
Manager” in the NW 6.5 SP8: iPrint Administration Guide. 


* ForLinux source servers, follow the instructions in "Creating a Print Manager" in the OES 11 
SP3: iPrint Linux Administration Guide. 
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* Ensure that the user has the following rights and permissions assigned explicitly on the source 
server so that the user can access and execute the psminfo.nlm, even if there is a mismatch of 
source server and container admin credentials for the user: 


* Read permission to sys:ndps folder on the migration source server. 
* Add the user as a trustee with supervisor rights to the source server NCP server object. 


* Back up the Print Manager database files on the source server prior to migration. For NetWare, 
see "Understanding the Print Manager Database" in the NW 6.5 SP8: iPrint Administration 
Guide. For Linux, see "Understanding the Print Manager Database." 


* The servers involved should be accessible via SSH. If the SSH ports are not open in the firewall, 
ensure that they are open before trying to access the servers. 


27.2 Supported Migration Scenarios 


iPrint supports the following migration scenarios: 


* Migrating servers within the same eDirectory tree 
* Migrating servers across different eDirectory trees 
* Migrating servers through consolidation 
* Migrating servers through a Transfer ID 


For more information about these scenarios, see Section 1.3, "Migration Scenarios," on page 16. 


27.3 What Is Migrated 


During the migration process, the following objects are replicated seamlessly from the source server 
to the target server: 

* Printers 

* Drivers 

* Banners 

* Printer pools 

* Redirected printers 

* ACL (only if the source and target servers are in the same tree) 

* Printer profiles 

* The iPrint.ini file (only if the source server is NetWare 6.5) 


* iPrint Client Management (only if the source and target servers are in the same tree and are 
sharing a common user) 


27.4 Migration Procedure 


Perform the following tasks for iPrint migration: 


¢ Section 27.4.1, "Pre-Migration iPrint Configuration," on page 226 

* Section 27.4.2, "iPrint Consolidate Migration," on page 226 

¢ Section 27.4.3, “Verifying the Result of the iPrint Migration," on page 233 
¢ Section 27.4.4, "Transfer ID,” on page 234 
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Pre-Migration iPrint Configuration 


Perform the following pre-migration steps on the target server: 


1 


Create the Driver Store. For more information, see “Creating a Driver Store" in the OES 11 SP3: 
iPrint Linux Administration Guide. 


If the eDirectory server1 value is not pointing to a server that holds a reliable replica, go to /etc/ 
opt/novell/iprint/conf/idsd.cont and modify the eDirectory server1 value to a server that 
holds a reliable replica. Change the IDSHostAddress value to the IP address (temporary IP 
address) of the migration server. Restart the Driver Store (rcnovell-idsd restart). 


Create the Print Manager. For more information, see "Creating a Print Manager" in the OES 11 
SP3: iPrint Linux Administration Guide. 


If the eDirectory server1 value is not pointing to a server that holds a reliable replica, go to /etc/ 
opt/novell/iprint/conf/ipsmd.conf and modify the eDirectory server1 value to a server 
that holds a reliable replica. Change the PSMHostAddress value to the IP address (temporary IP 
address) of the migration server. Restart the Print Manager (rcnovell-ipsmd restart). 


Change the iPrint Apache configuration. 


If AuthLDAPDNURL is not pointing to a reliable LDAP server, change AuthLDAPDNURL in / 
etc/opt/novell/iprint/httpd/conf/iprint ssl.conf to a reliable LDAP server. Restart 
Apache (rcapache2 restart). 


Ensure that the admin user is LUM-enabled. 


To check this, enter id admin at the terminal. If the admin user is LUM-enabled, UID and GID 
information is returned. 


Ensure that iprintman authentication is successful. 

To check the authentication by using the IP address, enter 
iprntman psm -1 -s «IP address> 

To check the authentication by using the DNS name, enter 
iprntman psm -1 -s «DNS name> 

Test iPrint prior to the migration on the target server. 


Using iManager, view the Print Manager and Driver Store. Click a few options to verify that you 
do not encounter any errors. 


Continue with Section 27.4.2, "iPrint Consolidate Migration," on page 226. 


NOTE: You can run psminfo.nlm on the source server, then copy the psminfo.xml file to the target 
server at the /opt /novell/iprint/share location. This avoids contacting the source server during 


migration. 


iPrint Consolidate Migration 


Migration of the iPrint configuration can be done through the Migration Tool or through the command 
line interface. 


* 


* 


"Using the Migration Tool" on page 227 
"Using the Command Line Utility" on page 232 


NOTE: When you migrate iPrint from NetWare to OES 11SP3, Public Access Printers are not 
migrated. 
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Using the Migration Tool 


1 Launch the Migration Tool on the target server in one of the following ways: 
Desktop: Click Computer » More Applications » System » Novell Migration Tools. 
Terminal: Log in as the root user and enter miggui at the terminal prompt. 


For details on configuring the source and target server information, selecting a migration type, 
opening a project, and on all the tool buttons, see Chapter 2, "Overview of the Migration GUI," on 
page 21. 


2 Authenticate to the source and target servers. 
3 Click Aad. 
4 Select Novell iPrint, then click Yes to configure. The iPrint configuration window is displayed. 


iPrint Migration 


Print Options | Other Options | 


Print Managers 


Select printers from Source printers list to migrate 
Source Print Manager 


r 7 
Target Prim Manager |, Ou e Servers ou mig-site o »novelll«blr.cein| | fs | Get Primers 


C eDirectory Server? 
*|n case the Target Server does not hold a eDirectory replica 
Printer Objects 


Source printers ( *Printer with same name exists on Target context) 


Select _Primer Agents. Context 


J Select All Filter 


Create Target printer objects in 
Context same as Source printer context 


© Target context; 


C] Do Not Migrate Existing Target Printers 


e Help | [ ox | p Q Cancel 


E -SES | 


For more information, refer to IPrint Migration Best Practices Guide 


5 Configure the following parameters to proceed with the migration process: 
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Print Objects Parameter 


Print Managers Source Print Manager 


Target Print Manager 


eDirectory Server 


Printer Objects Source printers 


Select All 


Filter 


Create target Context same as 
printer objects source printer context 
in 


Target context 


Description 


Specify the active Print Manager on the source server. The 
source Print Manager can be either an NDPS manager (for 
NetWare 6.5) or iPrint Manager (for OES 1 and OES 2 Linux). 
To go directly to a context of your choice, specify the context in 
the search base and click Search. The objects in the specified 
context are displayed. 


The Target Print Manager field is populated with the name of 
the active Print Manager running on the target server. This field 
is editable; you can also specify a different name for the active 
Print Manager. To go directly to a context of your choice, 
specify the context in the search base and click Search. The 
objects in the specified context are displayed. 


Click Get Printers to select printer objects from the source Print 
Manager. 


Click Get Printers to select printer objects from the source Print 
Manager. 


Select this option if the target server does not hold an 
eDirectory replica. Specify the IP address of the target server 
that holds the reliable eDirectory replica. 


Displays all the printers of the active Print Manager available 
on the source server. The printers that already exist on the 
target server are indicated by an asterisk (*). 


Selects all the printers listed in the Printer Objects dialog box. 


NOTE: When you apply a new filter or modify an existing filter 
and click Select All, only printers that are displayed after 
applying the filter are selected. When you manually select all 
printers, the selected printers are migrated. 


Specify the search pattern in the Filter field. This displays the 
printers in the Printer Agents list. This field is case sensitive. 


Select this option to use the same context as the source 
printers on the target server. 


NOTE: If you are migrating to a different tree and you select 
Context same as Source printer context, ensure that the 
context exists in the target tree. 


This option is selected by default. It allows you to create source 
printers under a different context on the target server. This 
option does not maintain the context hierarchy of the source 
printer. 


To go directly to a context of your choice, specify the context in 
the search base and click Search. The objects in the specified 
context are displayed. 
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Print Objects Parameter Description 


Do Not Migrate Existing If the printer names on the source server match the printer 

Target Printers names on the target server, the target printer properties and 
attributes are overwritten by the source printer properties and 
attributes. 


The printers that already exist on the target server are 
represented by an asterisk (*). 


iPrint Migration 


[ Print Options | Other Options - 


Source Driver Store 
LJ The Source Driver Store is not on the same Server as the Source Print Manager 
IP Address/DNS Name 
User Name 
Password 
Migrate the following additional Source Print Brokers to the Target Driver Store 


| IP Address/DNS Name Í Broker Volume Name 


Target Driver Store 
Target Driver Store DN [cn =remote_ds_160,ou=mig-site,o=novell,/=bir,c=in 
[e] Target Driver Store is remote 
IP Address/DNS Name [164 99.182 160 
User Name [root 


Password | 


Printer Drivers 
Options to Migrate Printer Drivers 
O Do Not Migrate Printer Driver and association of the Printer Agents with the Driver 
® Migrate Printer Driver if the driver is not present in the Target Driver Store 
© Migrate all Printer Drivers, This overwrites the Printer Driver on the Target Driver Store 
Migrate drivers for the following platforms 


[osse 


Windows 95/98 

Windows NT 4 
ndows 2000 

Windows XP 


Press Ciri« Click to select or deselect more than one platform 


(v Migrate Printer Driver Profiles. This overwrites the existing Printer Driver Profiles 
(v Migrate iPrint.ini file. This overwrites the existing iPrint.ini file on Target 


Hep 


For more information, refer to IPrint Migration Best Practices Guide 
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Other Options Parameter 


Source Driver The Source Driver 

Store Store is not on the 
same server as the 
Source Print Manager 


Migrate the following 
additional Source Print 
Brokers to the Target 
Driver Store 


Target Driver Target Driver Store DN 
Store 


Target Driver Store is 
remote 


Additional source Print 
Broker to be migrated 
to the target Driver 
Store (optional) 


Description 


If the source Driver Store is running on a server different from 
the source Print Manager's server, this check box is selected. 


Specify the IP address or the DNS Name and the root 
password of the server on which the source Driver Store is 
located. 


For more information about using this panel, see Step 6 on 
page 231. 


This section lists the names and IP/DNS addresses of the 
source Print Broker volumes that need to be migrated to the 
target Driver Store. 


Use the + and - icons to add and delete the source Print 
Brokers. 


The Target Driver Store DN field is auto populated with the 
Driver Store associated with the PSM object, if the driver store 
is running. This field is editable; you can also specify the name 
of the Driver Store. To go directly to a context of your choice, 
specify the context in the search base and click Search. The 
objects in the specified context are displayed. 


Specify the IP address or the DNS name and the root password 
of the server on which the source Driver Store is located. For 
more information about using this panel, see Step 6 on 

page 231. 


To go directly to a context of your choice, specify the context in 
the search base and click Search. The objects in the specified 
context are displayed. 


IMPORTANT: If the target Driver Store is hosted by a server 
that is not hosting the Print Manager, you cannot select the 
Driver Store's eDirectory server. To resolve this, go to the Driver 
Store's /etc/opt/novell/iprint/conf/idsd.conf file 
and update the DSServer1 value to the address of a server that 
holds the replica. Restart the Driver Store (rcnovell-idsd 
restart) after making the change. 


If the Driver Store is running on the remote server (other than 
the target server), the Target Driver Store is remote check box 
is enabled. 


Specify the IP address or the DNS name of the remote server 
and the root password of the remote server in the 
corresponding entry fields. 


Click the plus button (+) and specify the IP address or the DNS 
name of the Source Broker. Select the Source Broker volume 

from the drop-down list and click OK. The list is populated with 
the IP address or DNS name of the Source Broker and Broker 
volume name. You can add multiple Source Brokers to the list. 


To remove the Source Broker from the list, select the IP 
address or DNS name and click the minus button (-). You can 
remove one Broker at a time. 
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Printer Drivers Do not Migrate Printer 


Printer Driver 
Profile 


iPrint.ini File 


Drivers and the 
association of the 
Printer Agents with the 
Driver 


Migrate Printer Driver if 
the driver is not present 
in the target Driver 
Store 


Migrate all Printer 
Drivers (this overwrites 
the Printer Driver on 
the target Driver Store) 


Migrate Printer Driver 
Profile 


Migrate iPrint.ini File 


Description 


Selecting this option ensures that printer drivers and the 
association of Printer Agents with the drivers are not migrated. 


Selecting this option migrates the printer drivers for the driver 
platforms you have selected from the Select Driver Platforms to 
Migrate list if they are not present in the target Driver Store. 
This also migrates all the associations of the Printer Agents 
with the driver. 


NOTE: The default driver platform selection is All. 


Selecting this option overwrites the target drivers for the driver 
platforms you have selected from the Select Driver Platforms to 
Migrate list, if the driver names in the target Driver Store are the 
same as the source Driver Store. This also migrates all the 
associations of the Printer Agents with the driver. 


NOTE: The default Driver Platform selection is All. 


If the profiles are the same on the target server as the source 
server, the target profiles are overwritten. 


If you migrate printer agents from two or more print managers, 
the iPrint.ini file on the target server is replaced by the 
iPrint.ini ofthe last source server. 


NOTE: After migration, if the target server's iprint.ini file is 
overwritten by the source server's file, and if the target server's 
iprint.ini file had new parameters that were erased, you 
can restore them by copying the parameters manually from the 
iprint.bak file. The iprint . bak file is a backup of the 
target server's iprint.ini file. After migration, the 

iprint .bak file is saved in the /var/opt/novell/ 
iprint/htdocs directory. 


6 In the Source Driver Store and Target Driver Store panels, the default user name is displayed as 


root. To use a user name other than root, make the following changes: 
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Source Driver Store 
[v] The Source Driver Store is not on the same Server as the Source Print Manager 
IP Address/DNS Name 
User Name root 


User Password 


Migrate the following additional Source Print Brokers to the Target Driver Store 
[ IP Address /ONS Name I Broker Volume Name 1 [9] 


Target Driver Store 
Target Driver Store DN [cn - ds- 102-58,0«nowvell [ts] 
[v] Target Driver Store is remote 


IP Address/DNS Name [192.168.1.255 


User Name lroot 


User Password 


* Add the intended user name to the sudoers database by using the following command - 
«new non-root user name» ALL - (ALL) ALL 

* Comment out the following two lines from visudo -f /etc/sudoers: 
1. Defaults targetpw # ask for the password of the target user i.e. root 


2. ALL ALL-(ALL) ALL # WARNING! Only use this together with 'Defaults 
targetpw'! 


This ensures that the system does not prompt you for a root password. 
7 Click OK to finish the configuration and go back to the migration screen. 
8 Click Migrate. 


Using the Command Line Utility 


You can use iprintmig to migrate iPrint. For more information, see Section 27.10, "iPrintmig Man 
Page,” on page 245. 


Use one of the following methods to migrate to OES 11 SP3: 


* From a terminal prompt on the target server, run iprintmig to migrate the printers on the 
source server to the target server. Before running the utility, set the environment variable for 
safely transferring the password. 


For safe transmission of passwords to the script via an environment variable or via the -P/-T 
options, see "Using Passwords" on page 249. 


IMPORTANT: This method is safe and recommended. 


Syntax: iprintmig -s source server -u source username only -U 
target username only -a -x psminfo.xml -I cn=ids,o=example,c=us -i 
ids.example.com -c ou=iPrint,o=example,c=us 


* Froma terminal prompt on the target server, run iprintmig to migrate the printers on the source 
server to the target server by specifying the password. 


IMPORTANT: The password is visible to users in this method. 
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Syntax: iprintmig -s source server -u source username only -p source password - 
U target username only -t target password -a -x psminfo.xml -I 
cn=ids,o=example,c=us -i ids.example.com -c ou-iPrint,o-example,c-us 


Migrating One Printer at a Time 


Example: iprintmig -s source server name -u source admin -U target admin -n 
printerl -x psminfo.xml -I cn=ids,o=example,c=us -i ids.example.com -c 
ou-iPrint,o-example,c-us -N 


Migrating a Few Printers at a Time 


Example: iprintmig -s source server name -d target server name -u source admin -U 
target admin -x psminfo.xml -I cn=ids,o=example,c=us -i ids.example.com -c 
ou-iPrint,o-example,c-us -n printerl -n printer2 -n printer3 -n printer4 -L 


Migrating All Printers 


Example: iprintmig -s source server name -d target server name -u source admin -U 
target admin -x psminfo.xml -I cn-ids,o-example,c-us -i ids.example.com -c 
ou=iPrint,o=example,c=us -a -N 


Migrating Printers by Using SSL 


Example: iprintmig -s source server -u source username -U target username -a -I 
cn=ids,o=example,c=us -i ids.example.com -c ou=iPrint,o=example,c=us -ssl -port 
LDAP port -N 


Migrating Printers without SSL 


Example: iprintmig -s source server -u source username -U target username -a -I 
cn=ids,o=example,c=us -i ids.example.com -c ou=iPrint,o=example,c=us -port LDAP 
port -N 


IMPORTANT: Ensure that you verify the result of the iPrint migration, as described in Section 27.4.3, 
"Verifying the Result of the iPrint Migration," on page 233. 


Verifying the Result of the iPrint Migration 


1 Open iManager on the server you use for iPrint management. 
2 Install some printers on the test workstation. 
3 Run reports to verify all the migrated information: 
3a Go to https: //«MigrationServerIP»/PsmStatus/GenerateReportSettings. 


3b Select the check box for Printer Drivers, Associated NDS Printer, and other options for the 
NetWare Printer Agents. 


3c Click Generate Report. 
3d Verify that all the printer agents have the expected values. 
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Transfer ID 


To perform an identity transfer, configure the iPrint service for migration, then select Transfer ID. This 
migrates iPrint to an OES 11 SP3 server, and then transfers the source server's identity. Migrate iPrint 
services to the target server before starting the Transfer ID process. For more information, see 
Chapter 10, “Using the Migration GUI Tool for Transfer ID,” on page 65. 


Before starting the Transfer ID process you must migrate all services to the target server. See 
Chapter 9, “Preparing for Transfer ID,” on page 61. 


IMPORTANT: Do not start the Transfer ID process until the migrated iPrint service on the target 
server successfully completes the outlined tests. To verify the result of iPrint migration, see 
Section 27.4.3, “Verifying the Result of the iPrint Migration,” on page 233. 


Migrating an iPrint Cluster Resource 


Perform the following steps to migrate the iPrint cluster resource from NetWare to OES 11 SP3 
without reinstalling the printers on the workstations. 


NOTE: When you upgrade to OES, ensure that you migrate NDPS printers to iPrint. NDPS is not 
supported on OES Linux. For more information, see “How to automate the upgrade from NDPS to 
iPrint" (http://Awww.novell.com/support/php/ 
search.do?cmd=displayKC&docType=kc&externalld=7004661&sliceld=2&docTypelD=DT_TID_1 1 
&dialogID=159879519&stateld=0%200%20159881359). 


1 Set up iPrint for a cluster environment. 


For more information, see "Setting up the Cluster Environment for iPrint" in the OES 11 SP3: 
iPrint Linux Administration Guide (https://www.novell.com/documentation/oes11/iprint Ix/data/ 
front.html). 


2 Migrate the target cluster resource hosting iPrint from node to node. 
On each node, check the status of the Print Manager and Driver Store. 
rcnovell-ipsmd status 
rcnovell-idsd status 


Test the ability of the Print Manager to authenticate the admin user (or the user given in the 
Migration Tool). 


iprntman psm -1 -u admin 
3 Perform the pre-migration for iPrint configuration. 
For more information, see Section 27.4.1, "Pre-Migration iPrint Configuration," on page 226. 


4 Perform a consolidated migration of the iPrint service. For more information, see Section 27.4.2, 
"iPrint Consolidate Migration," on page 226. 


When the source or target iPrint service is hosted on a cluster resource, transferring a node's 
identity is not necessary and not recommended. 


5 Verify the result of the iPrint migration. 


For more information, see Section 27.4.3, "Verifying the Result of the iPrint Migration," on 
page 233. 
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6 Transition end-user printing from NetWare to Linux: 
6a Offline the NetWare iPrint cluster resource. 
6b View the NetWare iPrint cluster load script's /DNSNAME value. 


6c Configure DNS to resolve the /DNSNAME value to the IP address of the target Linux cluster 
resource hosting the Print Manager. 


The propagation of the DNS change might take time, depending on your network. 


DNSNAME is the address that the clients use to find the NetWare Print Manager. The same 
DNSNAME is used to find the Linux Print Manager. 


6d Update each of the Linux node /etc/hosts files to resolve to the Linux iPrint cluster IP 
address. 


6e Update the /etc/opt/novell/iprint/conf/ipsmd.conf PSMHostAddress value to the / 
DNSNAME. 


6f Restart the Print Manager. 


7 Perform the post-migration steps. For more information, see xxxx. 


Migrating ZENworks iPrint Policies 


The ZENworks 10 Configuration Management and ZENworks 7 iPrint policies contain a list of printers 
to be distributed via the policy. The printer names are back-linked to the eDirectory object of the 
corresponding printer. When the iPrint service is migrated from a Netware, OES 2 SP3, or OES 11 
server to an OES 11 SP3 server, iPrint policies containing migrated printers must also be updated. 
For example, if the ZENworks 7 iPrint policy contains a printer from the source server, after migration 
it must contain a corresponding printer from the target server. 


The novell-iprint-migration.rpm also contains the scripts for migrating ZENworks 10 
Configuration Management and ZENworks 7 policies. You must run the scripts to migrate the policies. 


IMPORTANT: The target server and the source server must be in the same tree and in the same 
container. 


¢ Section 27.6.1, "Policy Migration in ZENworks 10 Configuration Management,” on page 235 
¢ Section 27.6.2, "Policy Migration in ZENworks 7,” on page 237 


Policy Migration in ZENworks 10 Configuration 
Management 


* “Prerequisites” on page 236 


+ "Options" on page 236 
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Prerequisites 


* The file with the list of printers to be migrated must be copied from the target server to the 
ZENworks 10 Configuration Management server. 


* Ensure that the latest version of ZENworks 10 Configuration Management is installed. You can 
get the ippmanagement utilities from there. 


* Install Perl on your server to run the policy migration script on the ZENworks 10 Configuration 
Management windows server. 


Syntax: zcm-migrate-print-policy.pl -a «Administrator name» -p «Administrator password» 
-s «Source server» -d «Destination server» . 


The zcm-migration-print-policy.pl script is located in /opt /novell/bin. Copy and run the 
script on the ZENworks 10 Configuration Management server. This script copies the original printer 
policies and the policies are formed in the target server. If you encounter any error, see the log file 
available at zcem10-migration.1log. 


Options 

-a, --admin 

Administrator name. 

-p, --passwd 

Administrator password. 

-P, --port 

(Optional) Port number (The default port is 80). 
-l, --linux 

(Optional) The source operating system is Linux. 
-n, --netware 

(Optional) The source operating system is NetWare. 
L8, --B8fC 

Source server IP address or the DNS name. 

-d, --dest 

Target server IP address or the DNS name. 

-r, --rem 

(Optional) Deletes old policies. 

-c, --change 

(Optional) Changes the default printer. 

-f, --file 

The file name that has the list of printers to be migrated. 
-X, --xml 


(Optional) The directory containing the policies in XML form. 
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Policy Migration in ZENworks 7 


The zen7-migration-print-policy.p1l script is located in /opt/novell/bin/. Run the script on 


the target server where the replica of the eDirectory tree is present. This script copies the original 


printer policies and the policies are defined on the target server. If you encounter any error, see the 


log file at /var/opt/novell/log/iprint/zenpolicy migration.log. 


Syntax: «script name» -v -v -v «log file» -s «Host name or IP address» -a 


«Administrator FDN> -p «Administrator password» -b «Base DN» -d «Keep default» -r 


«Deletes the old policies» -n «Source Operating System» -f «Filename containing a 


list of files containing migrated printer list». 


Options: 

=y -v -v 

Log file. 

-s, --host 

Hostname or IP address. Source server IP address. 
-a, --admin 

Administrator FDN (such as cn=admin,o=novell). 
-p, --passwd 

Administrator password. 

-b, --base-dn 

DN of a container to search for the ZENworks 7 iprint policy objects (e.g. o=novell). 
-d, --keepdefault 

Retains your default printer in the ZENworks 7 policy. 
-l, --linux 


The source operating system is Linux (for an ID swap always specify -l, even if the source is 
NetWare.). 


-n, --netware 

The source operating system is NetWare. 

-f, --file 

A file name that has a list of printers to be migrated. 


For more information about ZENworks, see ZENworks 10 Configuration Management (http:// 
www.novell.com/documentation/zcm10/index. html). 
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27.7.1 


27.7.2 


27.8 


Verifying Migration 


After migration is complete, the desired Print Manager on the target server must be active. This 
ensures that the migration has been successfully completed. Use the procedures in this section to 
check for the Print Manager and printers. 

¢ Section 27.7.1, “Using iManager,” on page 238 

* Section 27.7.2, "Using the Command Line,” on page 238 


IMPORTANT: If the Print Manager is down after migration, see Section 27.9, "Troubleshooting iPrint 
Migration," on page 239. 


Using iManager 


Open iManager on the target server. 

Go to iPrint » Manage Print Manager. 

Specify the iPrint Manager name or NDPS Manager name. 
Click OK, then ensure that the Print Manager status is Active. 


ao à OO N HP 


Click Printer Agents. 


Depending on your setup, it might take some time to display the printers on the target server. 


Using the Command Line 


1 Atthe console, enter iprintman psm -1 -u admin. 
2 Enter the admin password when prompted. 


This displays the status of all the Print Managers with their status. Ensure that the desired Print 
Manager is Active. 


3 Atthe console, enter iprintman printer -l1 -u admin. 
4 Enter the admin password when prompted. 


This displays the printers on the target server. 


Cleaning Up Stale Objects 


You can clean up stale iPrint objects by using the /opt/novell/iprint/bin/iprintcleanup.pl -s 
«source server» -u «source user(FDN format)» --ssl --port «LDAP Port» -f «filename» 
command. 


-h --help 

Print the summary 

-5S --Src «Source server» 
Source server IP address. 

=U --Src-user «user» 


Admin user FDN for the source server. For example, cn=admin,o=novell. 


-p --Src-pass <pswd> 
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Password of the source server admin user. 


-f | --renamed-printers-file «filename» 


File name to clean up. For example, /etc/opt/novell/iprint/conf/renamed printer objects. 


--ssl 


Use this option if SSL is enabled on the server. 


--port 
LDAP enabled port. 


Troubleshooting iPrint Migration 


+ "iPrint Service does not work after the Transfer ID Process” on page 239 

* "Printers are not migrating to OES 11" on page 240 

* "Target server authentication fails in a cluster environment" on page 240 

* "Printers are not migrating with the -f option" on page 241 

¢ “Invalid driver path assignments" on page 241 

* "Printers are not migrating in the same eDirectory tree under the same context" on page 242 
* "Migration fails even after a pre-check is passed" on page 242 

* "Migration fails when the Print Manager does not have a clean shutdown" on page 242 

* "Migration fails when a printer is assigned to a Print Manager" on page 242 

* "Migration fails when the SYS volume folder is not available on the source server” on page 242 
* "Migration fails for container admin credentials on the source server" on page 243 

¢ "Migration fails with an error message" on page 243 


* "The Driver Store and Print Manager are not initialized after migration on the target server" on 
page 243 


+ "Printers not coming up after Transfer ID migration" on page 243 
* "Printer fails to install with the error “wrong printer URL” on page 244 


* "Migration is completed with the status "Successful with warnings. Please refer the migration 
log"" on page 244 


¢ "Printers migrated from the source to target in the same context are not migrated to the target in 
a different context" on page 244 


+ "Problems with accessing newly created printer agents after copying the padbtxt.xml file from the 
source to the target" on page 244 


¢ "Redirections are not successful when printers are migrated" on page 245 


iPrint Service does not work after the Transfer ID Process 


Source: The iPrint service does not work after the Transfer ID process is complete. 
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Action: After the completion of the Transfer ID process, confirm the following values: 


1 Goto /etc/opt/novell/iprint/conf/ipsmd.conf and change the 
PSMHostAddress value to the source server's IP address or DNS name 
(preferably a CNAME was used). Use the address that was used when you 
loaded with the /dnsname or /ipaddress switch. If you are unsure, view the 
name by which the iPrint printers are installed at the workstations. 


2 Change the eDirectory server1 value to a reliable eDirectory server 
address. 


3 Go to /etc/opt/novell/iprint/conf/idsd.conf and change the 
IDSHostAddress value to the source server's IP address or DNS name 
(which is now the target server's IP or DNS). 


4 Change the eDirectory server1 value to a reliable eDirectory server 
address. 


5 Goto /etc/hosts and ensure that entries are correct for the new identity. 


6 Goto /etc/opt/novell/iprint/httpd/conf/iprint ssl.conf and 
update the AuthLDAPDNURL "Idaps://[address..]" to any reliable LDAP 
server. 


7 Goto /etc/opt/novell/iprint/httpd/conf/iprint g.conf and update 
the address after the ServerName entry. Ensure that you choose the new 
identity IP address. 


8 Restart the Print Manager (rcnovell-ipsmd restart), Driver Store 
(renovell-idsd restart), and Apache (rcapache2 restart). 


9 Use iManager to test iPrint by using the Print Manager, Driver Store, and 
printers. 


If you encounter an error while managing the Print Manager, one of the 
certificates might need to be updated. To troubleshoot, see the Cool 
Solutions article "Certificate Re-creation Script for OES 1 and OES 2" (http:/ 
/www.novell.com/communities/node/5704/certificate-recreation-script-oes1- 
and-oes2). 


Printers are not migrating to OES 11 


Explanation: Occasionally the iPrint migration status is successful but the specified Print 
Manager is not active or is down, so printers are not migrated to the OES 11 
server. 


Possible Cause: Some other Print Manager is active or is already loaded on the OES 11 server. 


Action: On the OES 11 server: 


1 Search for the ipsmd daemons by executing the ps ax | grep ipsmd 
command. This displays two running ipsmd processes. 


2 Kill the individual ipsmd daemons by executing 
kill -9 pid of ipsmd 


3 Restart the migration by executing iprintmig. 


Target server authentication fails in a cluster environment 


Explanation: The loopback address is not authenticated. 
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Possible Cause: The loopback address is not being resolved to the IP address of the target server 
in the cluster environment. 


Action: Enter the IP address or DNS name of the target server. 


Printers are not migrating with the -f option 


Explanation: iprintmig skips adding printers from the file containing the printer list. 


Possible Cause: Ifthe file with the printers to be migrated contains extra spaces or characters, the 
file is skipped by the utility. 


Action: Delete the extra spaces or characters and restart the migration process. 


Invalid driver path assignments 


Explanation: Specific printers are not being migrated and you see the error message 
XMLToDoCIMInstance::doWork(): CIMException encountered (general 
error) «Operating System Name» GetDriverInfo failed:«Printer Name> 
during migration. 


Possible Cause: The printers are associated with deleted or missing drivers. 


Possible Cause: The driver is associated with a remote path that no longer exists. The path can 
be a remote server or an unmounted volume. 


Action: Verify the driver path and generate a report to correct the driver assignment: 
1 In iManager, select Manage Print Manager. 


2 Select an NDPS Manager. 
3 Click OK. 


NOTE: If the Print Manager is down, click Startup to change the status to 
Active. 


4 Click Printer Agents Configuration Report. 


5 Select one or more configuration options for the operating system name 
displayed in the error message. 


6 Click Generate Report. 


7 The driver assignment path is displayed for individual Printer Agents in the 
report. 


8 Verify that the complete driver path is a valid assignment. 


9 (Conditional) If the path is invalid, select Manage Printer and do the 
following: 


9a Choose a required printer under NDPS Printer Name. 
9b Click OK. 


9c In the Drivers tab, select the specific operating system for which the 
assignment is invalid. A message displays this message: The current 
driver does not exist. 


9d Click OK. 
9e Select either NONE or a suitable driver. 
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Printers are not migrating in the same eDirectory tree under the 


same context 


Explanation: 


Possible Cause: 


Action: 


Printers are not being migrated and you see an error message: 

CIMException encountered (general error): Creation of printer 
'CN=<PrinterName>,o=<organization>' object failed. Object exists, 
but failed to get iPrintPrinterManager value. 


The migration was in the same eDirectory tree and the source Print Manager and 
target Print Manager were under the same context. 


Use iManager to create a Print Manager on the target server in a different 
context. Restart the migration with the target Print Manager as the newly created 
Print Manager. 


Migration fails even after a pre-check is passed 


Explanation: 


Possible Cause: 


Action: 


When you restart the source server, the migration fails if the Print Manager was 
not successfully unloaded. 


The eDirectory attributes for the unloaded PSM are not cleaned up. 


Restart the Print Manager. 


Migration fails when the Print Manager does not have a clean 


shutdown 


Explanation: 
Possible Cause: 


Action: 


When the Print Manager does not have a clean shutdown, migration fails with an 
error message stating this is an invalid print manager on target. 


The eDirectory status for the Print Manager is not updated when the Print 
Manager shutdown is not clean. 


Restart the Print Manager. 


Migration fails when a printer is assigned to a Print Manager 


Explanation: 


Possible Cause: 


Action: 


The migration fails with an error message CIMException encountered (general 
error): Creation of printer «Printer FDN» ( Eg: 
cn-Printerl,o-novell) object failed. Object exists, 
iPrintPrinterManager value indicates that the printer is 
associated with another ipsmd. 


Trying to reassign a printer to a new Print Manager when the existing Print 
Manager assigned to this printer is down. 


Do not select the printer that is currently assigned to a Print Manager on the 
target server when it is down. 


Migration fails when the SYS volume folder is not available on the 


source server 


Possible Cause: 


Action: 


The sys :ndps folder was renamed or deleted from the source server. 


Ensure that the sys :ndps folder is on the source server. 
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Migration fails for container admin credentials on the source server 


Explanation: Printer objects with the container admin credentials are not being migrated. 


Possible Cause: There is a mismatch between the source server and container admin credentials 
for the user. The source server might not be in the same container where full 
access rights are defined. 


Action: Ensure that the user has the following rights and permissions assigned explicitly 
so that the user can access and execute psminfo.nlm: 


* The read permission to the sys :ndps folder on the migration source server. 


* Add the user as a trustee with supervisor rights to the source server NCP 
Server object. 


Migration fails with an error message 


Explanation: Migration fails with the following error message: 'OpenWBEM4 : : HTTPException' 
what(): Unable to process request: 401: Authentication failure 
Aborted. 


Possible Cause: The admin user is not correctly LUM-enabled. 
Action: LUM-enable the admin user: 
1 Run yast2 novell-lum from the command prompt. 
2 Click Continue. 
3 Enter the admin password. 


4 Click Next and follow the on-screen prompts. 


The Driver Store and Print Manager are not initialized after migration 
on the target server 


Explanation: The Driver Store and Print Manager are not initialized on the target server when 
SLP configuration is used. 


Possible Cause: Problems in SLP configuration before starting migration. 


Action: Enterthe slptool findsrvs service:ndap.novell | grep «TREE NAME> 
command to list the TREENAME. If the tree name is not listed, fix the SLP 
configuration. For details, see Section 4.1, "Prerequisites," on page 41. 


Printers not coming up after Transfer ID migration 


Explanation: You migrate printers by using the Transfer ID option, but printers are not coming 
up. 
Possible Cause: Printers are not being associated with the drivers after a Transfer ID action. 


Action: Use the following procedure: 


1 Run the /opt/novell/bin/ipsmd -x /tmp/psmimport idswap.xml -s 
«Server IP Address» -u admin -f command on the OES 11 console. 


2 Enter the admin password. 
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Printer fails to install with the error “wrong printer URL” 


Explanation: After a successful migration, the redirected printers fail to install on the target 
server. 


Action: Ifthe iPrint service is configured with the IP address and if the source server is 
down, installation fails. 


Ensure that the source server is up and running, then install the redirected 
printer. 


Action: If the iPrint service is configured with DNS and the DNS is not resolved with the 
target server IP address, installation fails. 


Ensure that the DNS is resolved to the target server IP address, then install the 
redirected printer. 


Migration is completed with the status "Successful with warnings. 
Please refer the migration log" 


Explanation: The message is displayed when the drivers associated with the printers are not 
migrated to the target server. 


The printers are migrated, but you cannot install the printers for which the driver 
download or upload has failed. 


Action: Check the migration log for the drivers that failed to migrate. Do not perform a 
migration; instead, manually upload or download those drivers to the target 
server. 


Printers migrated from the source to target in the same context are 
not migrated to the target in a different context 


Explanation: When you migrate printers from the source to the target in the same context and 
then you restart the Printer Manager and try to migrate those printers again in a 
different context, the printers fail to migrate. 


Action: Do not migrate printers in a different context if they have already been migrated 
from the source to the target in the same context. 


Problems with accessing newly created printer agents after copying 
the padbtxt.xml file from the source to the target 


Explanation: When you copy the padbtxt .xm1 file from the source to the /opt /novell/ 
iprint/share directory on the target, the Migration Tool cannot access any 
newly created Printer Agents that were added to the source after copying the file. 


Action: Copy the padbtxt . xml file from the source to the target every time you create 
printer agents. When you select printers to migrate and migration passes 
successfully, but the printers selected for migration are still not migrated, one 
possible reason could be the presence of an outdated padbtxt . xm1 file in the 
directory. Remove the file and retry the migration procedure. 
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Redirections are not successful when printers are migrated 


Explanation: When you redirect one printer to another on the source, migrate both the 
redirected printer and the other printer to the target, and associate a driver to the 
redirected printer on the target server, and then try to install the other printer from 
the target server, the printer installation fails. This is because this printer on the 
target server points to the redirected printer on the source, which does not have 
any drivers associated with it. 


27.10 iPrintmig Man Page 


* "iprintmig(1)" on page 246 
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iprintmig(1) 


Name 


iprintmig - Migration utility for Novell iPrint 


Syntax 
This section contains iPrint commands and utilities used on the Linux platform. 
iprintmig -s «server» -u «user» «options» -n <printer1>...<printerN> 


iprintmig -s «options» 


Description 


iprintmig is a management tool used to migrate printers to OES 11 SP3. 


Options 
-h, --help 
Prints this summary. 


-V, -VV, -VVV, -VVVV, -verbose 


Specify the level of detail to display about the execution of operations with -v displaying minimum 
information and -vvvv displaying maximum information. 


-V, --version 
Prints version information. 
-S <server>, --src <server> 
Specifies the source server hostname or address to migrate from. 
-d <server>, --dst <server> 
Specifies the target server hostname or address to migrate to. 
-D «PSM DN», --dst-dn <PSM DN» 
Specifies the destination print manager DN to migrate to. 
-u <user>, --src-user <user> 
Specifies the FDN format admin for the source server, such as cn=admin, O=example. 
-U <user>, --dst-user «user» 
Specifies the FDN format admin for the target server, such as cn=admin, O=example. 
-p «pass»? , --src-pass «pass» 
Password of the source server admin user. 
-P<fd>, --src-pass-fd «fd» 


File descriptor number (to read the source admin password). 
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-t<password>, --dst-pass «password» 

Password of the user on the target server. 
-T<fd>, --dst-pass-fd «fd» 

File descriptor number (to read the destination admin password). 
-i«IDS server», --ids «IDS server» 

Target iPrint Driver Store (IDS) server hostname or address. Defaults to dst. 
-IKIDS DN5, --ids-dn «IDS DN» 

Distinguished name of the target IDS. 
-e<server>, --edir «server»? 

Server hostname or address of the eDirectory server for the target server to use. 
-n<printer>, --printer-name «printer? 

Name of the printer to migrate. Can be specified multiple times. 
-f <file>, -printers-file <file> 

File containing names of printers (1 per line) to migrate. 
-F <fd>, -printers-fd <fd> 

File descriptor number listing names of printers to migrate. 
-a, --all 

Migrates all printers from the source. 
-c<DN>, --dst-container <DN> 

DN of the container to create print objects in (conflicts with -S). 
-S, --same-dn 


Creates objects on the target server with the same DN as the source server. Only valid when 
migrating to a new tree. 


-H, --same-hostname 


Creates a manager on the target server with the same hostname as the source manager. Useful 
when migrating the entire print server. 


-x<file>, --xml-outfile <file> 


Saves the XML migration processing file to <file>. 


--O, --remoteDS-root-pass<pass> 


Root password of the remote driver store server. 


--O, --remoteDS-root-pass-fd<fd> 


File descriptor number (to read the root password of the remote driver store server). 


--q, --Src-root-pass<pass> 
Root password of the source server. 


--Q, --src-root-pass-fd<fd> 
File descriptor number (to read the root password of the source server). 
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--srcversion 


Indicates the version of the operating system on the source server. 


--nodrivers 


Do not migrate drivers. If drivers are not present in the destination IDS, clients cannot install 
printers. 


--overwrite-drivers 


If the destination IDS has a driver with the same name as a corresponding driver on the source 
server, overwrite it. 


--noacls 
Stops migration of Access Control Lists (ACLs). 


--noprofiles 
Stops migration of profiles. If profiles are not present on the target server, clients cannot install 
printers. 

--overwrite-profiles 
Overwrites the target server profile for a driver with the same name as a profile on the source 
server. 

--nogo 


Prepares but does not perform migration. This option creates an output XML file and migrates 
drivers (unless --nodrivers was specified) but does not perform migration. 


--debug 


Prints debug messages to a /var/opt /novell/log/migration/iprintmig. log file. 


--update 


Synchronizes any changes in the source server data with the target server after the migration 
process is complete. This option must be used in conjunction with the -a option. 


--resume 


Lets you resume the migration process from where it was suspended. 


--precheck 


Validates the parameters passed for the migration process and returns the status without 
actually starting the migration. 


--consolidation 

Aggregates services on a single target server from multiple source servers. 
--ssl 

Enables secure authentication. 
--port 

Indicates the LDAP port. 


--treeflattening 


Creates the contexts of the source printers under a different context on the target server. The 
context of the target printer is specified by using the -c<DN>, --dst-container <DN> option. 
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--idswap 


Migrates printers from the source server to the target server without changing their identities. 


--driver-platform 


Identifies the names of the platforms to migrate. All the drivers for the selected platforms are 
migrated. The driver platforms should be specified every time you configure the print options. For 
example, --driver-platform "Windows XP" --driver-platform "Vista 64". 


Using Passwords 


For security reasons, it is safest to transmit passwords to the script via an environment variable or via 
the -P/-T options, because any user of the system can view the password if it is on the command line 
(-p/-t options). 


Instead, have the calling program set its environment with the following two variables: 
IPRINTMIG SRC PASSWORD-examplePasswordl 
IPRINTMIG DST PASSWORD-examplePassword2 


Then you can execute the following command, which migrates all the printers from 
server1.example.com to the server where the script is being run. 


iprintmig -s serverl.example.com -u admin.example.us -U admin -a -x psminfo.xml -I 
cn-ids,o-example,c-us \-i ids.example.com -c ou-iPrint,o-example,c-us 


Examples 


The following example migrates several printers at a time while explicitly specifying the hostname of 
the new print manager: 


iprintmig -s serverl.example.com -d newserver.example.com -u admin.example.us -U 
admin -x psminfo.xml \ -I cn=ids,o=example,c=us -i ids.example.com -c 
ou=iPrint,o=example,c=us -n printerl -n printer2 \-n printer3 -n printer4 


If a calling program specifies a large number of printers, there are three ways to proceed: 


* The -n (or --printer-name) option can be specified with a printer name one or more times, as in 
the example above. This can create a very long command line if many printers are being 
migrated, so this usage is discouraged. 


* Afile containing printer names, one per line, can be specified by using the -f (or --printers-file) 
option. For a calling program to use this file, the program must first write the list of printers to a 
temporary file. 


* The calling program can avoid the use of a temporary file by using the -F (or --printers-fd) option, 
which allows the calling program to send the list of printer names over a pipe, such as a pipe 
created with socketpair(). When you use the -f (or --printers-file) option, printer names are read 
from the file descriptor, one per line. 
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A simple example of this usage follows in C. Similar methods are available with the 
Mono.Posix.Syscall members. 


char *printers[] = ( "pl", "p2", "p3" }; 
int fds[2], pid, rc; 
rc = socketpair(AF UNIX, SOCK STREAM, 0, fds); 
if (re < 1) 


{ 


perror ("Error creating socket pair"); 
exit (1); 


) 
pid = fork(); 
Switch (pid) 


case -1: //Error 
perror("Fork failed"); 
exit (1); 
case 0: //Parent 
close (fds[11); 
for (int i; i « (sizeof(printers)/sizeof(char**)); ++i) 


{ 
write(fds[0], printers[i], strlen(printers[il)); 
write(fds[0], "Wn", 1); 


close(fds[0]); 
break; 

default: //Child 

close (fds[0]); 

//Set an environment that contains the password env vars 

//Make sure that close on exec isn't set for fds[1] 

//exec the iprintmig script with "-F" and fds[1] converted from an int to 

a string as arguments 


Notes 


Most of the information that this program requires can be obtained from the eDirectory objects that 
you select. For example, to migrate all printers from a NetWare server to the new Linux server, you 
need to select the old PSM object, which contains the address of the server it is running on. Then you 
need to select the destination PSM, which has attributes for its network address, the eDirectory 
server it is using, and the IDS it is using. The corresponding IDS object has its own address. 


There are some details that you must manually provide instead of selecting or discovering, such as 
details about credentials and whether or not to migrate profiles or drivers. 


You can select a destination container to hold the objects created during migration, or you can choose 
to keep the same path for objects. This only works for a move from one tree to another, because 
NetWare objects already exist in the source tree and might conflict with the new Linux versions of the 
objects. 
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e Migrating NetStorage to OES 11 SP3 


This section provides information on how to migrate NetStorage running on OES 2 SP3 and OES 11 
to OES 11 SP3 (64-bit). The OES 2 SP3 or OES 11 server is referred to as the source server and the 
OES 11 SP3 server as the target server. 

¢ Section 28.1, “Prerequisites,” on page 253 


¢ Section 28.2, “Migration Procedure,” on page 253 


28.1 Prerequisites 


* NetStorage is installed and configured on OES 2 SP3 32-bit machine. 
* NetStorage is installed on target OES 11 SP3 machine. 


For more information about installing and configuring NetStorage, see “Installing NetStorage" in the 
OES 11 SP3: NetStorage Administration Guide for Linux. 


28.1.1 What Is Migrated 


The following data is migrated from the source server to the target server: 


¢ Xtier registry settings and configurations 


28.2 Migration Procedure 


Source Server 


1 Back up the /var/opt/novell/netstorage/shared folder. 
2 Back up the /opt/novell/netstorage/webapp/WEB-INF/classes/Settings.properties file. 


3 At the terminal prompt, use the following command to stop the xregd user: rcnovell-xregd 
stop 


4 Export the registry available at /var/opt /novell/xtier/xregd/db as an xml file using the 
following command: 


/opt/novell/xtier/bin/regutil -e srcReg.xml 


Target Server 
1 Copy the /var/opt/novell/netstorage/shared folder in the same volume and directory 
structure. 


2 Copy the /opt/novell/netstorage/webapp/WEB-INF/classes/Settings.properties file in 
the same volume and directory structure. 


3 Ensure that file permissions are retained. 


4 Copy srcReg.xml to any location. For example, /opt/novell/xtier/bin/regutil -i 
«location»/srcReg.xml, where «location» is the location of your choice. 
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28.2.2 
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At the terminal prompt, use the following command to stop the xregd user: rcnovell-xregd 
Stop 


Navigate to /var/opt/novell/xtier/xregd/db/ and verify that the directory db is empty using 
the following command: 1s -1. 


If the directory is empty, continue to Step 5 on page 254. 


7 If any files exist in the db directory, move all the files to a temporary directory, for example, /tmp. 


10 


13 


14 
15 


Generate files inside the xtier registry using the following command: 
To restore the source server registry: 
/opt/novell/xtier/bin/regutil -i srcReg.xml 


Navigate to /var/opt/novell/xtier/xregd/db/ and run the command 1s -1 /var/opt/ 
novell/xtier/xregd/db to ensure that the following files are generated: 


* xtier registry.db 
* xtier registry.lck 
* xtier registry.rfl 
Start the xregd user using the rcnovell-xregd start command. 
Navigate to the xtier registry using the /opt /novell/xtier/bin/regedit command. 


At the regedit prompt, execute the cà 1ocal machine command and the 1s -1 command to 
view the contents inside the directory. If a directory named software is present in the 
local machine directory, then the registry is rebuilt without any error. 


Similarly, enter the following commands in the sequence listed along with Is -I command to view 
the content in the respective directories: 


* cd software 

* cd Novell 

* cd Xtier 

* cd Configuration 


If the content exists in all the respective directories, then the Xtier registry is completely 
rebuilt. 


Enter exit. 
Restart the machine. 


Transfer ID - Same Tree 


In this scenario, the target server is installed in the same tree as the source server. After successful 
completion of Transfer ID, the target server functions with the same credentials (such as IP address 
and host name) as the source server, and the source server node is no longer available in the 
network. For more information, see Chapter 10, "Using the Migration GUI Tool for Transfer ID,” on 
page 65. 


Post Migration 


After migrating NetStorage, 


* 


* 


Log in to iManager and go through the NetStorage Task to ensure the configurations were 
properly migrated. 


Access NetStorage from a browser http://<IP-ADDRESS>/NetStorage/ and should be able to log 
in and access files and folders. 
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29.1 


29.2 


29.3 


Migrating NTP to OES 11 SP3 


Migration refers to the process of migrating Timesync services from a NetWare system to NTP on a 
Linux system. The OES Migration Tool follows a source/target model. 


The following sections give more details on the migration procedure for Timesync: 


* Section 29.1, "Planning the Migration," on page 255 

¢ Section 29.2, "Migration Scenarios," on page 255 

¢ Section 29.3, "Migration Procedure,” on page 255 

¢ Section 29.4, "Post-Migration Procedure,” on page 256 


Planning the Migration 


You can migrate the NTP services running the following source and target platforms: 


Source Servers 


* NetWare 6.5 SP8 


Target Server 


* OES 11 SP3 


Migration Scenarios 


The following scenarios are supported for Timesync/NTP migration: 


* Consolidation on the same tree 
* Consolidation on a different tree 
* Transfer ID on the same tree 


For details on these three scenarios, see Section 1.3, "Migration Scenarios," on page 16. 


Migration Procedure 


Migration of the NTP configuration can be done from the Migration Tool or through the command line. 


The migration procedure reads the NetWare NTP/Timesync configuration file and maps its 
parameters to the equivalents in NTP Linux. During the migration process, the existing ntp.cont file 
is backed up and saved as ntp.conf.oldinthe /etc directory and the new parameters are saved in 
/ etc/ntp.cont. If NTP is already configured on the target server while configuring eDirectory, this 
configuration is overwritten. 


* Section 29.3.1, "Using the Migration Tool to Migrate Servers," on page 256 
¢ Section 29.3.2, "Using the Command Line to Migrate Servers,” on page 256 
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29.3.1 


29.3.2 


29.4 


Using the Migration Tool to Migrate Servers 


1 Launch the Migration Tool in one of the following ways: 


Desktop: Click Computer > More Applications > System > Novell Migration Tools 
Terminal: Log in as the root user and at a terminal prompt, enter miggui 
Configure the source and target parameters. 


For details on configuring source and target server information, selecting a migration type, 
loading and saving a project, and all buttons, see Chapter 2, "Overview of the Migration GUI," on 
page 21. 


Select Novell NTP from Services, click Configure. The status changes from Not Configured to 
Ready. 


Click Migrate to start the migration process. The status changes from Migrating to Migrated. 


NOTE: Use the Status » Logs tab to check for errors during migration. Fix the errors and restart 
the migration procedure if necessary. 


Using the Command Line to Migrate Servers 


To run the NTP migration utility through the command line, run the following command on the target 
server with the required parameters: 


migtime -s «source IP address> 
For example: 


migtime -S XXXx.XXX.XXX.XXX 


Post-Migration Procedure 


Load the XNTPD daemon by entering the following command at the prompt: 


rcntp restart 
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30.1 


Migrating NCP to OES 11 SP3 


This section describes how to migrate NCP environment to OES 11 SP3. 


Before you proceed with the migration, review Section 30.1, "Prerequisites," on page 257. In this 
section, the source server refers to an OES 2 SP3 or OES 11 server and the target server refers to an 
OES 11 SP3 server. 


¢ Section 30.1, “Prerequisites,” on page 257 
¢ Section 30.2, "What Is Migrated,” on page 257 
¢ Section 30.3, "Migration Procedure,” on page 257 


Prerequisites 


* OES 11 server is already installed and NCP is configured. For more information, see the OES 11 


SP3: NCP Server for Linux Administration Guide. 


NSS Pools and volumes are already migrated to the new OES 11 SP3 server from the OES 2 
SP3 server. Use the cluster migrate resource name node name command to migrate the cluster 
pools and volumes. For details, see "Using the Cluster Migrate Command" in the OES 11 SP3: 
Novell Cluster Services for Linux Administration Guide. 


NCP (posix) volumes and non-cluster NSS volumes are already migrated to the new OES 11 
SP3 server from the OES 2 SP3 server. This can be done by unmounting the corresponding file 
system from the source machine and mounting it on the target machine. 


30.2 What Is Migrated 


* Configuration files 


30.3 Migration Procedure 


1 Copy the following files from the OES 2 servers to OES 11 server 


+ /etc/opt/novell/ncpserv.conf 

+ /etc/opt/novell/ncp2nss.conf 

* /etc/opt/novell/ncp/ncp2nss.audit.conf 
+ /etc/opt/novell/ncp/ncp2nss.log.conf 
+ /etc/opt/novell/ncp/ncpserv.audit.conf 


+ /etc/opt/novell/ncp/ncpserv.log.conf 


IMPORTANT: The /etc/opt/novell/ncpserv.conf file contains the file server name in 

NCP FILE SERVER NAME «server name» format. If the source and target server names are 
different, ensure that you modify the parameter NCP. FILE SERVER NAME to 

NCP FILE SERVER NAME «new server name» before proceeding to the next step. 
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2 After the files are copied, restart ndsd daemon and ncp2nss daemon using the following 
commands on the target server: 


/etc/init.d/ncp2nss restart 


rcndsd restart 
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31.1 


31.2 


31.3 


Migrating OpenSLP to OES 11 SP3 


This section describes how to migrate an OpenSLP environment to OES 11 SP3. 


Before you proceed with the migration, review Section 31.2, "Prerequisites," on page 259. In this 
section, the source server refers to an OES 2 SP3 or OES 11 server and the target server refers to an 
OES 11 SP3 server. 


¢ Section 31.1, "What is Migrated,” on page 259 

¢ Section 31.2, “Prerequisites,” on page 259 

¢ Section 31.3, "Migration Procedure,” on page 259 
¢ Section 31.4, “Verification,” on page 260 


What is Migrated 


* Configuration information 
* Cache of service registrations 


Prerequisites 


Source Server 


Back up the /etc/slp.conf and /etc/slp.reg.d/slpd/DABackup files on the source SLP DA 
server. 


Target Server 


The target OES server need not be a SLP DA server. 


Migration Procedure 


1 Copy the following files from the source SLP server to the target server: 
* /etc/slp.conf 
+ /etc/slp.reg.d/slpd/DABackup 


NOTE: The /etc/slp.reg.d/slpd/DABackup file will only be present in the source server if the 
net.slp.isDABackup parameter is set to true in the /etc/slp.conf file. 
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2 The following steps are needed only if the IP address of the target server is different from the IP 
address of the source server. 


2a If the SLP agent has been configured to listen on only selected interfaces in the /etc/ 
slp.conf file, then after copying the configuration file to the target server, in the 
net.slp.interfaces section include the IP address of the target system. 


2b If DHCP is used in the network to advertise SLP Agent addresses to clients, then the 
dhcpd. conf file must be updated with IP address of the new system. 


2c Ifthe SLP clients are configured to contact SLP agents through configuration files or by 
providing SLP Agent IP address in the Novell Client, then the changes should be manually 
updated on the clients. 


3 Stop the SLP service on the source SLP DA by executing the following command: 
rcstop slpd 
4 Reboot the target SLP server. 


31.4 Verification 


Verify that the Clients are able to connect to services already registered before migration and whose 
service registration lifetime is still valid. 
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32.1 


32.2 


32.2.1 


Migrating Proxy Users to OES 11 SP3 


This section describes how to migrate Proxy users to the OES 11 SP3 server. 


Ensure that you review “Prerequisites” on page 41 before proceeding with proxy migration. In this 
section, the source server refers to an OES 2 SP3 or OES 11 server and the target server refers to an 
OES 11 SP3 server. 


¢ Section 32.1, "What Is Migrated,” on page 261 
* Section 32.2, "Transfer ID Migration Procedure,” on page 261 


What Is Migrated 


* The proxy users (common proxy and service proxy users) and their access rights. 


Transfer ID Migration Procedure 


* Section 32.2.1, "Services that Are Using Common Proxy," on page 261 

* Section 32.2.2, "Services that Are Using Service-Specific Proxy," on page 263 
¢ Section 32.2.3, "Troubleshooting," on page 264 

¢ Section 32.2.4, "Enabling SSH,” on page 265 


Services that Are Using Common Proxy 


* "Prerequisites" on page 261 
* "Pre-Migration Procedure" on page 261 
* "Post-Migration Procedure" on page 262 


Prerequisites 


* Ensure that the source server and target server are updated with the latest patches. 
* Enable SSH on the source server. For more information, see "Enabling SSH" on page 265. 


Pre-Migration Procedure 


Before services are migrated to the OES 11 SP3 server, you must identify the services using common 
proxy and the common proxy credentials on the source server. 


1 On the source server, log in as a root user. 


2 Retrieve the common proxy credentials on the source server by executing the following 
commands: 


/opt/novell/proxymgmt/bin/cp retrieve proxy cred username 


Displays the common proxy DN. 
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/opt/novell/proxymgmt/bin/cp retrieve proxy cred password 
Displays the common proxy password. 
Make a note of the common proxy credentials. 
3 Identify the services using common proxy on the source server by executing the following 
command: 
/opt/novell/proxymgmt/bin/retrieve proxy list.sh 


This command writes all the OES services and their proxy users to the file /var/opt /novell1/ 
log/proxymgmt/pxylist.txt. Using the common proxy credentials that are identified in Step 2, 
determine the services using common proxy from the pxylist.txt file. 


IMPORTANT: Do not delete, modify, or rename the common proxy user from eDirectory. 


Post-Migration Procedure 


After the services are migrated to the OES 11 SP3 server, you must update CASA on the target 
server with the common proxy credentials and then reconfigure the services using common proxy to 
use the updated credentials. 


1 Update CASA on the target server with the common proxy credentials retrieved in Step 2 on 
page 261. 
1a On the target server, log in as a root user. 


1b Run the following command: 


/opt/novell/proxymgmt/bin/cp update proxy cred.sh 


You are prompted to enter the common proxy user DN and password. Enter the details 
retrieved in Step 2 on page 261. This updates CASA with the common proxy credentials. 


2 Verify that the common proxy credentials are updated properly by executing the following 
commands: 


/opt/novell/proxymgmt/bin/cp retrieve proxy cred username 


Displays the common proxy DN. 


/opt/novell/proxymgmt/bin/cp retrieve proxy cred password 
Displays the common proxy password. 


3 Reconfigure the services identified in Step 3 on page 262 to use the updated common proxy 
credentials. 
/opt/novell/proxymgmt/bin/move to common proxy.sh -d «LDAP Admin FDN» -w «LDAP 
Admin Password» -i «LDAP Server IP address» -p 636 -s «comma separated list of 
services» 


For example: 


/opt/novell/proxymgmt/bin/move to common proxy.sh -d cn-admin,o-novell -w 
novell -i 192.168.1.254 -p 636 -s novell-afp,novell-cifs,novell-dns 
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32.2.2 


Services that Are Using Service-Specific Proxy 


Proxy migration reconfigures the services on the target server with the source server proxy 
credentials. The migrate services proxy.sh script retrieves the service-specific proxy credentials 
from the source and reconfigures the services on the target server with the proxy credentials of the 
Source server. 


The progress of proxy migration is recorded in the /var/opt/novell/log/proxymgmt/pxymgmt.log 
file. 

* "Prerequisites" on page 263 

* "Proxy Migration Procedure" on page 263 


* "Verifying Proxy Migration" on page 264 


Prerequisites 


* Platform Support for the Target Server: 
* OES 11 SP3 
* Platform Support for the Source Server: 
* OES 11 
+ OES 2 SP3 Linux on 32-bit or 64-bit 
+ OES 2 SP2 Linux on 32-bit or 64-bit for only DNS, DHCP, LUM, and NetStorage. 
* Ensure that the source and target servers are updated with the latest patches. 
* Enable SSH on the source server. For more information, see “Enabling SSH" on page 265. 


* For OES 2 SP2, see TID 7010507 to download the binaries and to perform proxy migration. 


Proxy Migration Procedure 


1 Migrate the services to the target server. 


After a successful migration of services for OES 2 SP3 and OES 11 servers, proceed to Step 4 
for proxy migration. 


2 (Conditional) Proxy migration of DNS, DHCP, and LUM services on OES 2 SP2 server: On the 
source server, create the folders to store the proxy credentials retrieval scripts (/opt/novell/ 
proxymgmt /bin/) and log files (/var/opt/novell/log/proxymgmt/). To download the scripts, 
see TID 7010507. 


3 (Conditional) Proxy migration of NetStorage on OES 2 SP2 server: 
3a On the target server, install NetStorage 
3b Using YaST, configure NetStorage. 


3c When prompted for proxy user credentials, specify the proxy user credentials of the source 
server. NetStorage stores these credentials. 


4 (Conditional) Proxy migration of services on OES 2 SP3 and OES 11 servers: On the target 
server, run the command as a root user to reconfigure the services with the source server proxy 
credentials. 


/opt/novell/proxymgmt/bin/migrate services proxy.sh -s «Source server IP» -d 
«LDAP Admin FDN) -w «LDAP Server Password» -i «LDAP server IP» -p «LDAP Port» 


For example: 
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/opt/novell/proxymgmt/bin/migrate services proxy.sh -s 192.168.1.1 -d 
cn-admin,o-novell -w xxxx -i 192.168.1.255 -p 636 


Option Description 


Mandatory Parameters: 


-S 


-d 


Specify the IP address of the source server to copy the proxy credentials. 
Specify the LDAP Admin DN (comma format). 

Specify the LDAP Admin Password. The password is stored in encrypted format. 
Specify the LDAP server IP address. 


Specify the LDAP Port. The default secure port is 636. 


Optional Parameters: 


-e 


Specify the value as "yes" or "no." Default value is "yes." This ensures that the 
credentials in the file are encrypted. 


Specify the value as "yes" or "no." Default value is "yes." This ignores the services 
using Common Proxy. 


After successful completion of proxy migration, the services on the target server will run with the 
proxy credentials of the source server. 


Verifying Proxy Migration 


* 


* 


Verify that the services using service specific proxy on the target server are running with the 
proxy credentials of the source server. 


Troubleshooting 


"Service Specific Proxy Migration Fails" on page 264 


Service Specific Proxy Migration Fails 


Proxy users failed to migrate using the migrate services proxy.sh script. To resolve this issue, 
perform the following: 


1 


Migrate the services to the target server. 


After successful migration of the services, proceed to the next step. 


2 On the source server, login as a root user. 
3 (Conditional) If the source server is OES 2 SP2 and services are DNS, DHCP and LUM, create 


the folders to store the proxy credentials retrieval scripts (/opt/novell/proxymgmt/bin/) and 
log files (/var/opt/novell/log/proxymgmt/). To download the scripts, refer the TID 7010507. 


Copy the /opt/novell/proxymgmt/bin/services get proxy cred.sh script from the target 
server to the source server in the /opt/novell/proxymgmt/bin/ folder. 


Retrieve the service specific proxy credentials on the source server by executing the following 
command: 


/opt/novell/proxymgmt/bin/services get proxy cred.sh 
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After successful execution, a list of proxy user credentials is written to the /var/opt/novell/ 
log/proxymgmt /proxycred file on the source server. The proxycred file contains the proxy 
user name in clear text format and the password in encrypted format. 


The proxycred file stores the information in the following format: 
<servicename>=<proxydn>:<proxypass> 


Considering CIFS as an example: 


CIFSPROXY=cn=user123,ou=users, o=novell:<pwd> 
6 Copy the proxycred file to the target server by executing the following command: 


scp /var/opt/novell/log/proxymgmt/proxycred root@<Target Server IP>:/var/opt/novell/log/ 
proxymgmt/ 


7 On the target server, run the command as a root user to reconfigure the services with source 
server proxy credentials 


/opt/novell/proxymgmt/bin/services reconfig proxy.sh -d «LDAP Admin DN» -w 
«LDAP Admin Password» -i «LDAP Server IP» -p «secure LDAP Port=636> 


The progress of proxy migration is recorded in the /var/opt/novell/log/proxymgmt / 
pxymgmt . 1og file. 


After successful execution, the services are reconfigured with the proxy credentials available in 
the /var/opt/novell/log/proxymgmt /proxycred file. 


8 (Optional) On completion of Proxy migration, we recommend that you delete the following files 
and folders to clean up the source server. If the files are not deleted, they do not impact the 
working of the source server. 


* Source server is OES 2 SP3: 
* services get proxy cred.sh file 
* proxycred file 

* Source server is OES 2 SP2: 
* /opt/novell/proxymgmt folder 


¢ /var/opt/novell/log/proxymgt folder 


32.2.4 Enabling SSH 


1 Enable SSH on the source server and the target server. 
2 Enter the 44 ssh-keygen -t rsa command on the target server. 


3 When you are prompted to enter the file in which to save the key (/root/.ssh/id rsa), press 
Enter. 


The ssh keys are stored in the default location. 
4 When you are prompted to enter the passphrase (empty for no passphrase), press Enter. 
We recommend that you do not include the passphrase. 
5 Copy the key value (the output of the # ssh-keygen -t rsa command) to the source server. 
# scp -/.ssh/id rsa.pub rootG«source-server»:/root/ 
where «source-server» is the IP address or the hostname of the source server. 


6 Log in to the source server by using ssh. If the.ssh directory is not available, create the 
directory, then append the key value to the list of authenticated keys. 


cat id rsa.pub »» /root/.ssh/authorized keys 
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33.1 


33.1.1 


33.2 


Migrating QuickFinder to OES 11 SP3 


This section provides information on how to migrate QuickFinder running on OES 2 SP3 or OES 11 to 
OES 11 SP3. The OES 2 SP3 or OES 11 server is referred to as the source server, and the OES 11 
SP3 server as the target server. 


¢ Section 33.1, “Prerequisites,” on page 267 
* Section 33.2, "Migration Procedure,” on page 267 
* Section 33.3, “Migrating QuickFinder to OES 11 SP3,” on page 268 


Prerequisites 
* QuickFinder is installed and configured on the source OES 2 SP3 or OES 11 32-bit machine. 
* QuickFinder is installed on the target OES 11 SP3 machine. 


For more information, see “Installing and Setting Up QuickFinder Server" in the OES 11 SP3: Novell 
QuickFinder Server 5.0 Administration Guide. 


What Is Migrated 


The following data is migrated from the source server to the target server: 


* QuickFinder service level configuration files 


* QuickFinder site-specific configuration files 


Migration Procedure 


Install OES 11 SP3 on the target server. 
Stop Tomcat on the source server, using the following command: renovell-tomcats stop. 


Configure QuickFinder on the target server with the same values as the source server. 


A OO N HM 


Stop Tomcat on the target server, using the following command: rcnovell-tomcat6-32bit 
Stop. 

5 Migrate the /var/lib/qfsearch/*.properties files from the source server to the target server 
in the same volume and directory structure. 


6 Migrate the virtual server settings from the source server to the target server in the same volume 
and directory structure. The default location is /var/lib/qfsearch/Sites. If the location is 
configured to a different location from the source server, then migrate it to a similar location on 
the target server. The location can be obtained from the source server (QuickFinder » Global 
Settings » General Service Settings » Server Management Settings » Default location of virtual 
server settings). 


7 Restart Tomcat on the target server, using the following command: rcnovell-tomcat6-32bit 
start. 


8 Restart Apache on the target server, using the following command: rcapache2 restart. 
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33.21 Transfer ID - Same Tree 
In this scenario, the target server is installed in the same tree as the source server. On successful 
completion of Transfer ID, the target server functions with the same credentials (such as IP address 


and host name) as the source server and source server node is no longer available in the network. 
For more information, see Chapter 10, "Using the Migration GUI Tool for Transfer ID," on page 65 


33.2.2 Post Migration 


After the migration, log in to QuickFinder and verfy that the configuration was properly migrated. 


33.8 Migrating QuickFinder to OES 11 SP3 


This section provides information on how to migrate QuickFinder running on OES 2 SP3 or OES 11 to 
OES 11 SP3. The OES 2 SP3 or OES 11 server is referred to as the source server, and the OES 11 
SP3 server as the target server. 
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34.1 


34.1.1 


34.1.2 


34.1.3 


Documentation Updates 


This section contains information about documentation content changes made to the OES 11 SP1: 


Migration Tool Administration Guide since the initial release of Novell Open Enterprise Server 11. 
This document was updated as follows: 


¢ Section 34.1, “January 2014 (OES 11 SP2),” on page 269 
* Section 34.2, "August 2012,” on page 270 


January 2014 (OES 11 SP2) 


* Section 34.1.1, “Name Changed of Migration Scenario,” on page 269 
¢ Section 34.1.2, "Overview of the Migration GUI," on page 269 

¢ Section 34.1.3, "What's New,” on page 269 

¢ Section 34.1.4, "Transfer ID Migration,” on page 270 

¢ Section 34.1.5, “Migrating File Systems to OES 11 SP2,” on page 270 


Name Changed of Migration Scenario 


The name of the Consolidate scenario is changed to Migrate. This has no functionality change. 


Overview of the Migration GUI 


Location Change 
Section 2.1.4, "View Logs," on page 26 New section. 
Section 2.4.1, "Status," on page 33 This section is updated with new migration progress 
fields. 
Section 2.4.2, "Service Information," on page 33 New section. 
, 
What's New 
Location Change 


Section 3.2, "What's New (OES 11 SP2),” on page 37 This section is new. 
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3414 Transfer ID Migration 


Location Change 
Section 9.2, "Preparing the Source Server for Added a new prerequisite, "If the source server is 
Migration," on page 62 NetWare, ensure that you comment the line, "LOAD 


DSMETER'" in the autoexec.ncf file and restart the 
NetWare server before performing Transfer ID." 


Chapter 11, “Using Migration Commands for Transfer Updated Step 9e Others > Common Proxy with new 

ID," on page 71 information, "If the source is Linux, to perform common 
proxy migration on the target OES 11 SP1 server, see 
Chapter 32, “Migrating Proxy Users to OES 11 SP3,” 
on page 261. 


Section 14.1, “Copying NICI Keys Fails When New Issue. 
Performing Transfer ID,” on page 85 


34.1.5 Migrating File Systems to OES 11 SP2 


Location Change 

Section 16.2.3, “Migrating Compressed Files,” on New migration scenario. 

page 100 

Section 16.4, “Migrating the File System Using the * In Step 7, added a new line, “The names of the 

Migration GUI," on page 103 source cluster volumes can only include " "asa 
special character to be listed in the Migration 
GUI." 


* In Step 9, updated New User Options with an 
Important note to specify the default password in 
the eDirectory password field. 


34.2 August 2012 


¢ Section 34.2.1, "Overview of the Migration Tools," on page 270 

¢ Section 34.2.2, "What's New,” on page 271 

¢ Section 34.2.3, “Migrating File Systems to OES 11 SP1,” on page 271 
¢ Section 34.2.4, "Service Migration," on page 271 


34.2.1 Overview of the Migration Tools 


Location Change 


Table 1-2, "Source Platform Support for OES 11 SP3 The table is updated with the following: 


Services," on page 19 
* Platform support for OES 11 SP1 


* Updated with new services like DSfW, 
NetStorage, NCP, OpenSLP, QuickFinder. 
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34.2.2 


34.2.3 


34.2.4 


What's New 


Location Change 


Section 3.3, "What's New (OES 11 SP1),” on page 37 This section is new. 


Migrating File Systems to OES 11 SP1 


Location Change 


Section 16.4, "Migrating the File System Using the Updated the Sync Options task with Copy Trustees 


Migration GUI," on page 103 Only At The Directory Level option and Do Not Copy 
Trustees option. 

Section 16.6.4, "File System Migration Commands," Updated migfiles command with the --trustees-dirs- 

on page 119 only option. 


Service Migration 


Location Change 


Part VII, "Service Migration," on page 141 All service chapters are updated with manual steps to 


migrate OES 2 to OES 11 SP1 server. 


Chapter 23, “Migrating DSfW to OES 11 SP3,” on New chapter 
page 195 
Chapter 24, “Migrating LUM to OES 11 SP3,” on New chapter 
page 199 
Chapter 28, “Migrating NetStorage to OES 11 SP3,”0n New chapter 
page 253 
Chapter 30, “Migrating NCP to OES 11 SP3,” on New chapter 
page 257 


Chapter 31, “Migrating OpenSLP to OES 11 SP3,” on New chapter 
page 259 


Chapter 32, “Migrating Proxy Users to OES 11 SP3,” New chapter 
on page 261 


Chapter 33, “Migrating QuickFinder to OES 11 SP3,” New chapter 
on page 267 


Section 20.2, “Migrating CIFS to OES 11 SP3,” on Added a new section, Section 20.2.4, “Post Transfer 
page 172 ID Migration Procedure,” on page 173. 
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